From 9bfccbea9631d11c88fe53b47580c56a9beea3ab Mon Sep 17 00:00:00 2001 From: Dr-Electron Date: Tue, 24 Sep 2024 09:57:20 +0200 Subject: [PATCH] Add new identity reference docs (#1682) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Eike Haß --- config/articleRedirects.js | 2 +- .../explanations/verifiable-presentations.mdx | 10 +- .../1.0/docs/getting-started/wasm.mdx | 2 +- .../decentralized-identifiers/resolve.mdx | 2 +- .../decentralized-identifiers/update.mdx | 2 +- .../how-tos/verifiable-credentials/create.mdx | 4 +- .../verifiable-credentials/revocation.mdx | 2 +- .../specifications/revocation-bitmap-2022.mdx | 2 +- docs/build/identity.rs/1.0/docs/workflow.mdx | 2 +- .../explanations/verifiable-presentations.mdx | 2 +- .../1.1/docs/getting-started/wasm.mdx | 2 +- .../decentralized-identifiers/resolve.mdx | 2 +- .../decentralized-identifiers/update.mdx | 2 +- .../how-tos/verifiable-credentials/create.mdx | 4 +- .../verifiable-credentials/revocation.mdx | 2 +- .../specifications/revocation-bitmap-2022.mdx | 2 +- docs/build/identity.rs/1.1/docs/workflow.mdx | 2 +- .../explanations/verifiable-presentations.mdx | 2 +- .../1.2/docs/getting-started/wasm.mdx | 2 +- .../decentralized-identifiers/resolve.mdx | 2 +- .../decentralized-identifiers/update.mdx | 2 +- .../how-tos/verifiable-credentials/create.mdx | 4 +- .../verifiable-credentials/revocation.mdx | 2 +- .../specifications/revocation-bitmap-2022.mdx | 2 +- docs/build/identity.rs/1.2/docs/workflow.mdx | 2 +- .../explanations/verifiable-presentations.mdx | 2 +- .../1.3/docs/getting-started/wasm.mdx | 2 +- .../decentralized-identifiers/resolve.mdx | 2 +- .../decentralized-identifiers/update.mdx | 2 +- .../how-tos/verifiable-credentials/create.mdx | 4 +- .../verifiable-credentials/revocation.mdx | 2 +- .../1.3/docs/references/.gitignore | 1 + .../1.3/docs/references/api/wasm.mdx | 7684 ----------------- .../specifications/revocation-bitmap-2022.mdx | 2 +- .../revocation-timeframe-2024.mdx | 10 +- docs/build/identity.rs/1.3/docs/workflow.mdx | 2 +- docs/build/identity.rs/1.3/sidebars.js | 9 +- package.json | 2 +- scripts/get_identity_references.sh | 14 + 39 files changed, 69 insertions(+), 7733 deletions(-) create mode 100644 docs/build/identity.rs/1.3/docs/references/.gitignore delete mode 100644 docs/build/identity.rs/1.3/docs/references/api/wasm.mdx create mode 100755 scripts/get_identity_references.sh diff --git a/config/articleRedirects.js b/config/articleRedirects.js index 2a7bd6f84fe..90eb6833c2e 100644 --- a/config/articleRedirects.js +++ b/config/articleRedirects.js @@ -588,7 +588,7 @@ exports.articleRedirects = [ }, { from: '/identity.rs/libraries/wasm/api_reference/', - to: '/identity.rs/references/api/wasm/', + to: '/identity.rs/references/wasm/api_ref', }, { from: '/identity.rs/libraries/wasm/getting_started/', diff --git a/docs/build/identity.rs/1.0/docs/explanations/verifiable-presentations.mdx b/docs/build/identity.rs/1.0/docs/explanations/verifiable-presentations.mdx index 77efe77d1fa..5ae4bc6cb6e 100644 --- a/docs/build/identity.rs/1.0/docs/explanations/verifiable-presentations.mdx +++ b/docs/build/identity.rs/1.0/docs/explanations/verifiable-presentations.mdx @@ -1,12 +1,12 @@ # Verifiable Presentations A verifiable presentation is the recommended data format for sharing one or more [verifiable credentials](./verifiable-credentials.mdx). -It is constructed and signed by a holder to prove control over their credentials and can be presented to a verifier for [validation](#validation). +It is constructed and signed by a holder to prove control over their credentials and can be presented to a verifier for validation. -For instance: after an issuer [creates and issues](./../how-tos/verifiable-credentials/create.mdx) a [verifiable credential](./verifiable-credentials.mdx) to a holder, such as a university issuing a degree to a graduate, +For instance, after an issuer [creates and issues](./../how-tos/verifiable-credentials/create.mdx) a [verifiable credential](./verifiable-credentials.mdx) to a holder, such as a university issuing a degree to a graduate, the holder stores it securely until asked to present it. A company could then request proof of that university degree: the holder can [create a verifiable presentation](./../how-tos/verifiable-credentials/create.mdx) -containing their credential, which is already signed by their university, and present it to the company to [validate](./../how-tos/verifiable-credentials/create.mdx#validate-a-vc). +containing their credential, already signed by their university, and present it to the company to [validate](./../how-tos/verifiable-credentials/create.mdx#validate-a-vc). Note that verifiable presentations that contain personal data should, as with verifiable credentials, be transmitted and stored securely off-chain to satisfy data privacy regulations such as [GDPR](https://gdpr.eu/). @@ -20,7 +20,7 @@ See the [Verifiable Credentials Data Model Specification](https://www.w3.org/TR/ ### Replay Attacks -A verifiable presentation without a challenge could potentially be stored by a malicious actor +A malicious actor could potentially store a verifiable presentation without a challenge and replayed to a different verifier, impersonating the holder. This is because the holder's signature on a presentation would still be seen as valid indefinitely, until they [rotate](https://www.w3.org/TR/did-core/#verification-method-rotation) the verification method used. @@ -35,5 +35,5 @@ The challenge string should be sufficiently random and unique for each verifiabl being predicted. Holders may additionally specify that their signature on a verifiable presentation expires after a short duration, as -per `JwtPresentationOptions`. However, verifiers and different implementations could choose to ignore that property, +per `JwtPresentationOptions`. However, verifiers and different implementations could ignore that property, so setting a signature expiration alone should not be relied upon. diff --git a/docs/build/identity.rs/1.0/docs/getting-started/wasm.mdx b/docs/build/identity.rs/1.0/docs/getting-started/wasm.mdx index efb2e9f6711..0007b10afb3 100644 --- a/docs/build/identity.rs/1.0/docs/getting-started/wasm.mdx +++ b/docs/build/identity.rs/1.0/docs/getting-started/wasm.mdx @@ -339,6 +339,6 @@ You may find it useful to see how the WASM bindings are being used in existing a - [Zebra IOTA Edge SDK](https://github.com/ZebraDevs/Zebra-Iota-Edge-SDK) (mobile apps using Capacitor.js + Svelte) -## [API Reference](/identity.rs/references/api/wasm) +## [API Reference](../references/api/wasm.mdx) ## [Examples](https://github.com/iotaledger/identity.rs/blob/v1.0.0/bindings/wasm/examples/README.md) diff --git a/docs/build/identity.rs/1.0/docs/how-tos/decentralized-identifiers/resolve.mdx b/docs/build/identity.rs/1.0/docs/how-tos/decentralized-identifiers/resolve.mdx index 09723948611..a7cb6936312 100644 --- a/docs/build/identity.rs/1.0/docs/how-tos/decentralized-identifiers/resolve.mdx +++ b/docs/build/identity.rs/1.0/docs/how-tos/decentralized-identifiers/resolve.mdx @@ -187,7 +187,7 @@ resolve the DID Documents of the [verifiable credential](./../../explanations/ve and presentation holder to verify their signatures. Resolving the necessary DID Documents is -[performed automatically when verifying presentations via the `Resolver`](../verifiable-presentations/create-and-validate.mdx#example) +[performed automatically when verifying presentations via the `Resolver`](../verifiable-presentations/create-and-validate.mdx#example-code) When direct access to these DID Documents is desired, the `Resolver` also provides standalone methods to: diff --git a/docs/build/identity.rs/1.0/docs/how-tos/decentralized-identifiers/update.mdx b/docs/build/identity.rs/1.0/docs/how-tos/decentralized-identifiers/update.mdx index b909ec8a67f..538a17d6aa5 100644 --- a/docs/build/identity.rs/1.0/docs/how-tos/decentralized-identifiers/update.mdx +++ b/docs/build/identity.rs/1.0/docs/how-tos/decentralized-identifiers/update.mdx @@ -21,7 +21,7 @@ while a service can provide metadata around the identity via URIs. ## Verification Methods -As demonstrated by the [example](#example) below, the IOTA Identity framework offers easy-to-use methods for adding +As demonstrated by the [example](#full-example-code) below, the IOTA Identity framework offers easy-to-use methods for adding [verification methods](https://www.w3.org/TR/did-core/#verification-methods). ### Properties diff --git a/docs/build/identity.rs/1.0/docs/how-tos/verifiable-credentials/create.mdx b/docs/build/identity.rs/1.0/docs/how-tos/verifiable-credentials/create.mdx index 7aca7a63d50..72edb7243cd 100644 --- a/docs/build/identity.rs/1.0/docs/how-tos/verifiable-credentials/create.mdx +++ b/docs/build/identity.rs/1.0/docs/how-tos/verifiable-credentials/create.mdx @@ -39,7 +39,7 @@ In the IOTA Identity Framework, you can create a Verifiable Credential with the -## Signing {#signing} +## Signing After preparing the verifiable credential, the issuer creates a signed JWT containing VC in the claims using one of their private keys. This is what allows verifiers to independently validate the credential using the corresponding public key from the issuer's DID Document. @@ -71,7 +71,7 @@ and for enforcing [subject-holder relationships](https://www.w3.org/TR/vc-data-m ## Example -The following code showcases how an issuer can [create, sign](#create-and-sign-vc), +The following code showcases how an issuer can [create, sign](#create-and-sign-a-vc), and [validate](#validate-a-vc) a verifiable credential. In this example, the issuer signs a `UniversityDegreeCredential` with Alice's name and DID. diff --git a/docs/build/identity.rs/1.0/docs/how-tos/verifiable-credentials/revocation.mdx b/docs/build/identity.rs/1.0/docs/how-tos/verifiable-credentials/revocation.mdx index 07f3591fdcb..3416e6bfc89 100644 --- a/docs/build/identity.rs/1.0/docs/how-tos/verifiable-credentials/revocation.mdx +++ b/docs/build/identity.rs/1.0/docs/how-tos/verifiable-credentials/revocation.mdx @@ -14,7 +14,7 @@ import TabItem from '@theme/TabItem'; # Revoke a Verifiable Credential -The [example](#example) below demonstrates two methods that an issuer can use to revoke a verifiable credential +The [example](#full-example-code) below demonstrates two methods that an issuer can use to revoke a verifiable credential using the IOTA Identity Framework: 1. By using the [`credentialStatus`](https://www.w3.org/TR/vc-data-model/#status) field in a credential and linking to a diff --git a/docs/build/identity.rs/1.0/docs/references/specifications/revocation-bitmap-2022.mdx b/docs/build/identity.rs/1.0/docs/references/specifications/revocation-bitmap-2022.mdx index d166507c0d1..e52c5b4d686 100644 --- a/docs/build/identity.rs/1.0/docs/references/specifications/revocation-bitmap-2022.mdx +++ b/docs/build/identity.rs/1.0/docs/references/specifications/revocation-bitmap-2022.mdx @@ -188,7 +188,7 @@ Because of its space efficiency, a roaring bitmap is preferred for representing The [RevocationList2020 specification](https://w3c-ccg.github.io/vc-status-rl-2020/) and [StatusList2021 specification](https://w3c-ccg.github.io/vc-status-list-2021/) both describe a similar revocation mechanism using a verifiable credential that contains a bitmap, similar to the `RevocationBitmap2022` approach. The credential is hosted outside of the DID document and the verifier thus needs to fetch it from an external resource, likely one controlled by the issuer. This has privacy implications as the issuer can track where a fetch request for the credential came from and potentially infer who the credential was verified by and for what purpose. The issuer can also potentially infer which credential was checked. Because `RevocationBitmap2022` is embedded in the issuer's DID document, which can be obtained without the their knowledge, this approach does not suffer from these privacy shortcomings. See also the [privacy considerations](#privacy-considerations). -A downside of embedding the revocation list in the DID document is that storage in a distributed ledger (DLT) is usually more expensive than other storage hosting solutions. The DLT might also impose message size limitations, capping the total number of revocations that can be done (see also [compression](#compression)). +A downside of embedding the revocation list in the DID document is that storage in a distributed ledger (DLT) is usually more expensive than other storage hosting solutions. The DLT might also impose message size limitations, capping the total number of revocations that can be done (see also [compression](#compression-and-maximum-size)). Another difference is that `RevocationList2020` specifies a minimum initial size of 131,072 for its bitstring, to mitigate the potential for correlating individuals when few credentials have been issued. `RevocationBitmap2022` uses a roaring bitmap instead of a bitstring, so the maximum size is not fixed (apart from the upper bound of an unsigned 32-bit integer). This means the bitmap cannot be used to correlate small populations without more information not present in the bitmap itself. However, both schemes still reveal publicly how many credentials have been revoked, which could be used to infer other information if more knowledge about how an issuer assigns credential revocation indexes is known. diff --git a/docs/build/identity.rs/1.0/docs/workflow.mdx b/docs/build/identity.rs/1.0/docs/workflow.mdx index 70449a8673c..d65413f90e5 100644 --- a/docs/build/identity.rs/1.0/docs/workflow.mdx +++ b/docs/build/identity.rs/1.0/docs/workflow.mdx @@ -135,7 +135,7 @@ With the release process, we can deliver versions of our software to the communi The final list of changes from the [changelog](#changelog) informs the version of the release. If at least one change mapping to a major version is included, the major version needs to be incremented. In that case, the minor and patch versions are set to `0`. If there are no changes related to a major version, but changes related to a minor version are present, the minor version needs to be incremented while the patch version is set to `0`. Otherwise, only the patch version is incremented. Determining the version of the release is the responsibility of the person performing the release. -The determined version of the release is used to create the [hotfix](#hotfix) or [release](#release) branch. For example, a major release from the previous version `v2.3.1` will create the `release/v3.0.0` branch. +The determined version of the release is used to create the hotfix or [release](#release) branch. For example, a major release from the previous version `v2.3.1` will create the `release/v3.0.0` branch. Notice the `v` in front of the version. We [tag](https://git-scm.com/book/en/v2/Git-Basics-Tagging) all release in git in the form of `vMAJOR.MINOR.PATCH`. For bindings, we prefix the tag with the binding name, so a tag for Wasm would look like `wasm-v1.2.3`. Bindings and the core Rust library are versioned and released independently. diff --git a/docs/build/identity.rs/1.1/docs/explanations/verifiable-presentations.mdx b/docs/build/identity.rs/1.1/docs/explanations/verifiable-presentations.mdx index a0a68dafc3e..5ae4bc6cb6e 100644 --- a/docs/build/identity.rs/1.1/docs/explanations/verifiable-presentations.mdx +++ b/docs/build/identity.rs/1.1/docs/explanations/verifiable-presentations.mdx @@ -1,7 +1,7 @@ # Verifiable Presentations A verifiable presentation is the recommended data format for sharing one or more [verifiable credentials](./verifiable-credentials.mdx). -It is constructed and signed by a holder to prove control over their credentials and can be presented to a verifier for [validation](#validation). +It is constructed and signed by a holder to prove control over their credentials and can be presented to a verifier for validation. For instance, after an issuer [creates and issues](./../how-tos/verifiable-credentials/create.mdx) a [verifiable credential](./verifiable-credentials.mdx) to a holder, such as a university issuing a degree to a graduate, the holder stores it securely until asked to present it. diff --git a/docs/build/identity.rs/1.1/docs/getting-started/wasm.mdx b/docs/build/identity.rs/1.1/docs/getting-started/wasm.mdx index b7da77e0f43..7cdb74657e7 100644 --- a/docs/build/identity.rs/1.1/docs/getting-started/wasm.mdx +++ b/docs/build/identity.rs/1.1/docs/getting-started/wasm.mdx @@ -334,6 +334,6 @@ You may find it useful to see how the WASM bindings are being used in existing a - [Zebra IOTA Edge SDK](https://github.com/ZebraDevs/Zebra-Iota-Edge-SDK) (mobile apps using Capacitor.js + Svelte) -## [API Reference](/identity.rs/references/api/wasm) +## [API Reference](../references/api/wasm.mdx) ## [Examples](https://github.com/iotaledger/identity.rs/blob/v1.1.0/bindings/wasm/examples/README.md) diff --git a/docs/build/identity.rs/1.1/docs/how-tos/decentralized-identifiers/resolve.mdx b/docs/build/identity.rs/1.1/docs/how-tos/decentralized-identifiers/resolve.mdx index 4c84b81883a..0bc6f39b357 100644 --- a/docs/build/identity.rs/1.1/docs/how-tos/decentralized-identifiers/resolve.mdx +++ b/docs/build/identity.rs/1.1/docs/how-tos/decentralized-identifiers/resolve.mdx @@ -187,7 +187,7 @@ resolve the DID Documents of the [verifiable credential](./../../explanations/ve and presentation holder to verify their signatures. Resolving the necessary DID Documents is -[performed automatically when verifying presentations via the `Resolver`](../verifiable-presentations/create-and-validate.mdx#example) +[performed automatically when verifying presentations via the `Resolver`](../verifiable-presentations/create-and-validate.mdx#example-code) When direct access to these DID Documents is desired, the `Resolver` also provides standalone methods to: diff --git a/docs/build/identity.rs/1.1/docs/how-tos/decentralized-identifiers/update.mdx b/docs/build/identity.rs/1.1/docs/how-tos/decentralized-identifiers/update.mdx index 709cd2eabcb..24183d7dca2 100644 --- a/docs/build/identity.rs/1.1/docs/how-tos/decentralized-identifiers/update.mdx +++ b/docs/build/identity.rs/1.1/docs/how-tos/decentralized-identifiers/update.mdx @@ -21,7 +21,7 @@ while a service can provide metadata around the identity via URIs. ## Verification Methods -As demonstrated by the [example](#example) below, the IOTA Identity framework offers easy-to-use methods for adding +As demonstrated by the [example](#full-example-code) below, the IOTA Identity framework offers easy-to-use methods for adding [verification methods](https://www.w3.org/TR/did-core/#verification-methods). ### Properties diff --git a/docs/build/identity.rs/1.1/docs/how-tos/verifiable-credentials/create.mdx b/docs/build/identity.rs/1.1/docs/how-tos/verifiable-credentials/create.mdx index 1defe36e120..2069eefc7ad 100644 --- a/docs/build/identity.rs/1.1/docs/how-tos/verifiable-credentials/create.mdx +++ b/docs/build/identity.rs/1.1/docs/how-tos/verifiable-credentials/create.mdx @@ -39,7 +39,7 @@ In the IOTA Identity Framework, you can create a Verifiable Credential with the -## Signing {#signing} +## Signing After preparing the verifiable credential, the issuer creates a signed JWT containing VC in the claims using one of their private keys. This is what allows verifiers to validate the credential independently using the corresponding public key from the issuer's DID Document. @@ -71,7 +71,7 @@ and for enforcing [subject-holder relationships](https://www.w3.org/TR/vc-data-m ## Example -The following code showcases how an issuer can [create, sign](#create-and-sign-vc), +The following code showcases how an issuer can [create, sign](#create-and-sign-a-vc), and [validate](#validate-a-vc) a verifiable credential. In this example, the issuer signs a `UniversityDegreeCredential` with Alice's name and DID. diff --git a/docs/build/identity.rs/1.1/docs/how-tos/verifiable-credentials/revocation.mdx b/docs/build/identity.rs/1.1/docs/how-tos/verifiable-credentials/revocation.mdx index 41f67544da0..ccbd6790588 100644 --- a/docs/build/identity.rs/1.1/docs/how-tos/verifiable-credentials/revocation.mdx +++ b/docs/build/identity.rs/1.1/docs/how-tos/verifiable-credentials/revocation.mdx @@ -14,7 +14,7 @@ import TabItem from '@theme/TabItem'; # Revoke a Verifiable Credential -The [example](#example) below demonstrates two methods that an issuer can use to revoke a verifiable credential +The [example](#full-example-code) below demonstrates two methods that an issuer can use to revoke a verifiable credential using the IOTA Identity Framework: 1. By using the [`credentialStatus`](https://www.w3.org/TR/vc-data-model/#status) field in a credential and linking diff --git a/docs/build/identity.rs/1.1/docs/references/specifications/revocation-bitmap-2022.mdx b/docs/build/identity.rs/1.1/docs/references/specifications/revocation-bitmap-2022.mdx index d166507c0d1..e52c5b4d686 100644 --- a/docs/build/identity.rs/1.1/docs/references/specifications/revocation-bitmap-2022.mdx +++ b/docs/build/identity.rs/1.1/docs/references/specifications/revocation-bitmap-2022.mdx @@ -188,7 +188,7 @@ Because of its space efficiency, a roaring bitmap is preferred for representing The [RevocationList2020 specification](https://w3c-ccg.github.io/vc-status-rl-2020/) and [StatusList2021 specification](https://w3c-ccg.github.io/vc-status-list-2021/) both describe a similar revocation mechanism using a verifiable credential that contains a bitmap, similar to the `RevocationBitmap2022` approach. The credential is hosted outside of the DID document and the verifier thus needs to fetch it from an external resource, likely one controlled by the issuer. This has privacy implications as the issuer can track where a fetch request for the credential came from and potentially infer who the credential was verified by and for what purpose. The issuer can also potentially infer which credential was checked. Because `RevocationBitmap2022` is embedded in the issuer's DID document, which can be obtained without the their knowledge, this approach does not suffer from these privacy shortcomings. See also the [privacy considerations](#privacy-considerations). -A downside of embedding the revocation list in the DID document is that storage in a distributed ledger (DLT) is usually more expensive than other storage hosting solutions. The DLT might also impose message size limitations, capping the total number of revocations that can be done (see also [compression](#compression)). +A downside of embedding the revocation list in the DID document is that storage in a distributed ledger (DLT) is usually more expensive than other storage hosting solutions. The DLT might also impose message size limitations, capping the total number of revocations that can be done (see also [compression](#compression-and-maximum-size)). Another difference is that `RevocationList2020` specifies a minimum initial size of 131,072 for its bitstring, to mitigate the potential for correlating individuals when few credentials have been issued. `RevocationBitmap2022` uses a roaring bitmap instead of a bitstring, so the maximum size is not fixed (apart from the upper bound of an unsigned 32-bit integer). This means the bitmap cannot be used to correlate small populations without more information not present in the bitmap itself. However, both schemes still reveal publicly how many credentials have been revoked, which could be used to infer other information if more knowledge about how an issuer assigns credential revocation indexes is known. diff --git a/docs/build/identity.rs/1.1/docs/workflow.mdx b/docs/build/identity.rs/1.1/docs/workflow.mdx index 70449a8673c..d65413f90e5 100644 --- a/docs/build/identity.rs/1.1/docs/workflow.mdx +++ b/docs/build/identity.rs/1.1/docs/workflow.mdx @@ -135,7 +135,7 @@ With the release process, we can deliver versions of our software to the communi The final list of changes from the [changelog](#changelog) informs the version of the release. If at least one change mapping to a major version is included, the major version needs to be incremented. In that case, the minor and patch versions are set to `0`. If there are no changes related to a major version, but changes related to a minor version are present, the minor version needs to be incremented while the patch version is set to `0`. Otherwise, only the patch version is incremented. Determining the version of the release is the responsibility of the person performing the release. -The determined version of the release is used to create the [hotfix](#hotfix) or [release](#release) branch. For example, a major release from the previous version `v2.3.1` will create the `release/v3.0.0` branch. +The determined version of the release is used to create the hotfix or [release](#release) branch. For example, a major release from the previous version `v2.3.1` will create the `release/v3.0.0` branch. Notice the `v` in front of the version. We [tag](https://git-scm.com/book/en/v2/Git-Basics-Tagging) all release in git in the form of `vMAJOR.MINOR.PATCH`. For bindings, we prefix the tag with the binding name, so a tag for Wasm would look like `wasm-v1.2.3`. Bindings and the core Rust library are versioned and released independently. diff --git a/docs/build/identity.rs/1.2/docs/explanations/verifiable-presentations.mdx b/docs/build/identity.rs/1.2/docs/explanations/verifiable-presentations.mdx index a0a68dafc3e..5ae4bc6cb6e 100644 --- a/docs/build/identity.rs/1.2/docs/explanations/verifiable-presentations.mdx +++ b/docs/build/identity.rs/1.2/docs/explanations/verifiable-presentations.mdx @@ -1,7 +1,7 @@ # Verifiable Presentations A verifiable presentation is the recommended data format for sharing one or more [verifiable credentials](./verifiable-credentials.mdx). -It is constructed and signed by a holder to prove control over their credentials and can be presented to a verifier for [validation](#validation). +It is constructed and signed by a holder to prove control over their credentials and can be presented to a verifier for validation. For instance, after an issuer [creates and issues](./../how-tos/verifiable-credentials/create.mdx) a [verifiable credential](./verifiable-credentials.mdx) to a holder, such as a university issuing a degree to a graduate, the holder stores it securely until asked to present it. diff --git a/docs/build/identity.rs/1.2/docs/getting-started/wasm.mdx b/docs/build/identity.rs/1.2/docs/getting-started/wasm.mdx index 3aac7533ab1..b35b6404e40 100644 --- a/docs/build/identity.rs/1.2/docs/getting-started/wasm.mdx +++ b/docs/build/identity.rs/1.2/docs/getting-started/wasm.mdx @@ -334,6 +334,6 @@ You may find it useful to see how the WASM bindings are being used in existing a - [Zebra IOTA Edge SDK](https://github.com/ZebraDevs/Zebra-Iota-Edge-SDK) (mobile apps using Capacitor.js + Svelte) -## [API Reference](/identity.rs/references/api/wasm) +## [API Reference](../references/api/wasm.mdx) ## [Examples](https://github.com/iotaledger/identity.rs/blob/v1.2.0/bindings/wasm/examples/README.md) diff --git a/docs/build/identity.rs/1.2/docs/how-tos/decentralized-identifiers/resolve.mdx b/docs/build/identity.rs/1.2/docs/how-tos/decentralized-identifiers/resolve.mdx index 1917eaa5d55..460d9af3b94 100644 --- a/docs/build/identity.rs/1.2/docs/how-tos/decentralized-identifiers/resolve.mdx +++ b/docs/build/identity.rs/1.2/docs/how-tos/decentralized-identifiers/resolve.mdx @@ -187,7 +187,7 @@ resolve the DID Documents of the [verifiable credential](./../../explanations/ve and presentation holder to verify their signatures. Resolving the necessary DID Documents is -[performed automatically when verifying presentations via the `Resolver`](../verifiable-presentations/create-and-validate.mdx#example) +[performed automatically when verifying presentations via the `Resolver`](../verifiable-presentations/create-and-validate.mdx#example-code) When direct access to these DID Documents is desired, the `Resolver` also provides standalone methods to: diff --git a/docs/build/identity.rs/1.2/docs/how-tos/decentralized-identifiers/update.mdx b/docs/build/identity.rs/1.2/docs/how-tos/decentralized-identifiers/update.mdx index 011b66e1583..3c97201ed1d 100644 --- a/docs/build/identity.rs/1.2/docs/how-tos/decentralized-identifiers/update.mdx +++ b/docs/build/identity.rs/1.2/docs/how-tos/decentralized-identifiers/update.mdx @@ -21,7 +21,7 @@ while a service can provide metadata around the identity via URIs. ## Verification Methods -As demonstrated by the [example](#example) below, the IOTA Identity framework offers easy-to-use methods for adding +As demonstrated by the [example](#full-example-code) below, the IOTA Identity framework offers easy-to-use methods for adding [verification methods](https://www.w3.org/TR/did-core/#verification-methods). ### Properties diff --git a/docs/build/identity.rs/1.2/docs/how-tos/verifiable-credentials/create.mdx b/docs/build/identity.rs/1.2/docs/how-tos/verifiable-credentials/create.mdx index 721ec1c7e7f..e22040648af 100644 --- a/docs/build/identity.rs/1.2/docs/how-tos/verifiable-credentials/create.mdx +++ b/docs/build/identity.rs/1.2/docs/how-tos/verifiable-credentials/create.mdx @@ -39,7 +39,7 @@ In the IOTA Identity Framework, you can create a Verifiable Credential with the -## Signing {#signing} +## Signing After preparing the verifiable credential, the issuer creates a signed JWT containing VC in the claims using one of their private keys. This is what allows verifiers to validate the credential independently using the corresponding public key from the issuer's DID Document. @@ -71,7 +71,7 @@ and for enforcing [subject-holder relationships](https://www.w3.org/TR/vc-data-m ## Example -The following code showcases how an issuer can [create, sign](#create-and-sign-vc), +The following code showcases how an issuer can [create, sign](#create-and-sign-a-vc), and [validate](#validate-a-vc) a verifiable credential. In this example, the issuer signs a `UniversityDegreeCredential` with Alice's name and DID. diff --git a/docs/build/identity.rs/1.2/docs/how-tos/verifiable-credentials/revocation.mdx b/docs/build/identity.rs/1.2/docs/how-tos/verifiable-credentials/revocation.mdx index 4e0ea19c185..b85f56f0201 100644 --- a/docs/build/identity.rs/1.2/docs/how-tos/verifiable-credentials/revocation.mdx +++ b/docs/build/identity.rs/1.2/docs/how-tos/verifiable-credentials/revocation.mdx @@ -14,7 +14,7 @@ import TabItem from '@theme/TabItem'; # Revoke a Verifiable Credential -The [example](#example) below demonstrates two methods that an issuer can use to revoke a verifiable credential +The [example](#full-example-code) below demonstrates two methods that an issuer can use to revoke a verifiable credential using the IOTA Identity Framework: 1. By using the [`credentialStatus`](https://www.w3.org/TR/vc-data-model/#status) field in a credential and linking diff --git a/docs/build/identity.rs/1.2/docs/references/specifications/revocation-bitmap-2022.mdx b/docs/build/identity.rs/1.2/docs/references/specifications/revocation-bitmap-2022.mdx index d166507c0d1..e52c5b4d686 100644 --- a/docs/build/identity.rs/1.2/docs/references/specifications/revocation-bitmap-2022.mdx +++ b/docs/build/identity.rs/1.2/docs/references/specifications/revocation-bitmap-2022.mdx @@ -188,7 +188,7 @@ Because of its space efficiency, a roaring bitmap is preferred for representing The [RevocationList2020 specification](https://w3c-ccg.github.io/vc-status-rl-2020/) and [StatusList2021 specification](https://w3c-ccg.github.io/vc-status-list-2021/) both describe a similar revocation mechanism using a verifiable credential that contains a bitmap, similar to the `RevocationBitmap2022` approach. The credential is hosted outside of the DID document and the verifier thus needs to fetch it from an external resource, likely one controlled by the issuer. This has privacy implications as the issuer can track where a fetch request for the credential came from and potentially infer who the credential was verified by and for what purpose. The issuer can also potentially infer which credential was checked. Because `RevocationBitmap2022` is embedded in the issuer's DID document, which can be obtained without the their knowledge, this approach does not suffer from these privacy shortcomings. See also the [privacy considerations](#privacy-considerations). -A downside of embedding the revocation list in the DID document is that storage in a distributed ledger (DLT) is usually more expensive than other storage hosting solutions. The DLT might also impose message size limitations, capping the total number of revocations that can be done (see also [compression](#compression)). +A downside of embedding the revocation list in the DID document is that storage in a distributed ledger (DLT) is usually more expensive than other storage hosting solutions. The DLT might also impose message size limitations, capping the total number of revocations that can be done (see also [compression](#compression-and-maximum-size)). Another difference is that `RevocationList2020` specifies a minimum initial size of 131,072 for its bitstring, to mitigate the potential for correlating individuals when few credentials have been issued. `RevocationBitmap2022` uses a roaring bitmap instead of a bitstring, so the maximum size is not fixed (apart from the upper bound of an unsigned 32-bit integer). This means the bitmap cannot be used to correlate small populations without more information not present in the bitmap itself. However, both schemes still reveal publicly how many credentials have been revoked, which could be used to infer other information if more knowledge about how an issuer assigns credential revocation indexes is known. diff --git a/docs/build/identity.rs/1.2/docs/workflow.mdx b/docs/build/identity.rs/1.2/docs/workflow.mdx index 70449a8673c..d65413f90e5 100644 --- a/docs/build/identity.rs/1.2/docs/workflow.mdx +++ b/docs/build/identity.rs/1.2/docs/workflow.mdx @@ -135,7 +135,7 @@ With the release process, we can deliver versions of our software to the communi The final list of changes from the [changelog](#changelog) informs the version of the release. If at least one change mapping to a major version is included, the major version needs to be incremented. In that case, the minor and patch versions are set to `0`. If there are no changes related to a major version, but changes related to a minor version are present, the minor version needs to be incremented while the patch version is set to `0`. Otherwise, only the patch version is incremented. Determining the version of the release is the responsibility of the person performing the release. -The determined version of the release is used to create the [hotfix](#hotfix) or [release](#release) branch. For example, a major release from the previous version `v2.3.1` will create the `release/v3.0.0` branch. +The determined version of the release is used to create the hotfix or [release](#release) branch. For example, a major release from the previous version `v2.3.1` will create the `release/v3.0.0` branch. Notice the `v` in front of the version. We [tag](https://git-scm.com/book/en/v2/Git-Basics-Tagging) all release in git in the form of `vMAJOR.MINOR.PATCH`. For bindings, we prefix the tag with the binding name, so a tag for Wasm would look like `wasm-v1.2.3`. Bindings and the core Rust library are versioned and released independently. diff --git a/docs/build/identity.rs/1.3/docs/explanations/verifiable-presentations.mdx b/docs/build/identity.rs/1.3/docs/explanations/verifiable-presentations.mdx index a0a68dafc3e..5ae4bc6cb6e 100644 --- a/docs/build/identity.rs/1.3/docs/explanations/verifiable-presentations.mdx +++ b/docs/build/identity.rs/1.3/docs/explanations/verifiable-presentations.mdx @@ -1,7 +1,7 @@ # Verifiable Presentations A verifiable presentation is the recommended data format for sharing one or more [verifiable credentials](./verifiable-credentials.mdx). -It is constructed and signed by a holder to prove control over their credentials and can be presented to a verifier for [validation](#validation). +It is constructed and signed by a holder to prove control over their credentials and can be presented to a verifier for validation. For instance, after an issuer [creates and issues](./../how-tos/verifiable-credentials/create.mdx) a [verifiable credential](./verifiable-credentials.mdx) to a holder, such as a university issuing a degree to a graduate, the holder stores it securely until asked to present it. diff --git a/docs/build/identity.rs/1.3/docs/getting-started/wasm.mdx b/docs/build/identity.rs/1.3/docs/getting-started/wasm.mdx index ad1baaf48d3..2d95458d5df 100644 --- a/docs/build/identity.rs/1.3/docs/getting-started/wasm.mdx +++ b/docs/build/identity.rs/1.3/docs/getting-started/wasm.mdx @@ -334,6 +334,6 @@ You may find it useful to see how the WASM bindings are being used in existing a - [Zebra IOTA Edge SDK](https://github.com/ZebraDevs/Zebra-Iota-Edge-SDK) (mobile apps using Capacitor.js + Svelte) -## [API Reference](../references/api/wasm.mdx) +## [API Reference](../references/wasm/api_ref.md) ## [Examples](https://github.com/iotaledger/identity.rs/blob/v1.3.0/bindings/wasm/examples/README.md) diff --git a/docs/build/identity.rs/1.3/docs/how-tos/decentralized-identifiers/resolve.mdx b/docs/build/identity.rs/1.3/docs/how-tos/decentralized-identifiers/resolve.mdx index 1e5411f592d..04ab1b59f82 100644 --- a/docs/build/identity.rs/1.3/docs/how-tos/decentralized-identifiers/resolve.mdx +++ b/docs/build/identity.rs/1.3/docs/how-tos/decentralized-identifiers/resolve.mdx @@ -187,7 +187,7 @@ resolve the DID Documents of the [verifiable credential](./../../explanations/ve and presentation holder to verify their signatures. Resolving the necessary DID Documents is -[performed automatically when verifying presentations via the `Resolver`](../verifiable-presentations/create-and-validate.mdx#example) +[performed automatically when verifying presentations via the `Resolver`](../verifiable-presentations/create-and-validate.mdx#example-code) When direct access to these DID Documents is desired, the `Resolver` also provides standalone methods to: diff --git a/docs/build/identity.rs/1.3/docs/how-tos/decentralized-identifiers/update.mdx b/docs/build/identity.rs/1.3/docs/how-tos/decentralized-identifiers/update.mdx index 13e4dc22034..89b54998826 100644 --- a/docs/build/identity.rs/1.3/docs/how-tos/decentralized-identifiers/update.mdx +++ b/docs/build/identity.rs/1.3/docs/how-tos/decentralized-identifiers/update.mdx @@ -21,7 +21,7 @@ while a service can provide metadata around the identity via URIs. ## Verification Methods -As demonstrated by the [example](#example) below, the IOTA Identity framework offers easy-to-use methods for adding +As demonstrated by the [example](#full-example-code) below, the IOTA Identity framework offers easy-to-use methods for adding [verification methods](https://www.w3.org/TR/did-core/#verification-methods). ### Properties diff --git a/docs/build/identity.rs/1.3/docs/how-tos/verifiable-credentials/create.mdx b/docs/build/identity.rs/1.3/docs/how-tos/verifiable-credentials/create.mdx index 4598ecac57b..8d15cbd7bde 100644 --- a/docs/build/identity.rs/1.3/docs/how-tos/verifiable-credentials/create.mdx +++ b/docs/build/identity.rs/1.3/docs/how-tos/verifiable-credentials/create.mdx @@ -39,7 +39,7 @@ In the IOTA Identity Framework, you can create a Verifiable Credential with the -## Signing {#signing} +## Signing After preparing the verifiable credential, the issuer creates a signed JWT containing VC in the claims using one of their private keys. This is what allows verifiers to validate the credential independently using the corresponding public key from the issuer's DID Document. @@ -71,7 +71,7 @@ and for enforcing [subject-holder relationships](https://www.w3.org/TR/vc-data-m ## Example -The following code showcases how an issuer can [create, sign](#create-and-sign-vc), +The following code showcases how an issuer can [create, sign](#create-and-sign-a-vc), and [validate](#validate-a-vc) a verifiable credential. In this example, the issuer signs a `UniversityDegreeCredential` with Alice's name and DID. diff --git a/docs/build/identity.rs/1.3/docs/how-tos/verifiable-credentials/revocation.mdx b/docs/build/identity.rs/1.3/docs/how-tos/verifiable-credentials/revocation.mdx index 2e7c35e497d..46684b54dd5 100644 --- a/docs/build/identity.rs/1.3/docs/how-tos/verifiable-credentials/revocation.mdx +++ b/docs/build/identity.rs/1.3/docs/how-tos/verifiable-credentials/revocation.mdx @@ -14,7 +14,7 @@ import TabItem from '@theme/TabItem'; # Revoke a Verifiable Credential -The [example](#example) below demonstrates two methods that an issuer can use to revoke a verifiable credential +The [example](#full-example-code) below demonstrates two methods that an issuer can use to revoke a verifiable credential using the IOTA Identity Framework: 1. By using the [`credentialStatus`](https://www.w3.org/TR/vc-data-model/#status) field in a credential and linking diff --git a/docs/build/identity.rs/1.3/docs/references/.gitignore b/docs/build/identity.rs/1.3/docs/references/.gitignore new file mode 100644 index 00000000000..f65e5817dd1 --- /dev/null +++ b/docs/build/identity.rs/1.3/docs/references/.gitignore @@ -0,0 +1 @@ +wasm diff --git a/docs/build/identity.rs/1.3/docs/references/api/wasm.mdx b/docs/build/identity.rs/1.3/docs/references/api/wasm.mdx deleted file mode 100644 index 48885d9e986..00000000000 --- a/docs/build/identity.rs/1.3/docs/references/api/wasm.mdx +++ /dev/null @@ -1,7684 +0,0 @@ ---- -title: WASM API Reference -description: WASM API reference. -image: /img/Identity_icon.png -tags: - - WASM - - API Reference ---- -# Wasm Api Reference - -## Classes - -
-
CoreDID
-

A method-agnostic Decentralized Identifier (DID).

-
-
CoreDocument
-

A method-agnostic DID Document.

-

Note: All methods that involve reading from this class may potentially raise an error -if the object is being concurrently modified.

-
-
Credential
-
-
CustomMethodData
-

A custom verification method data format.

-
-
DIDUrl
-

A method agnostic DID Url.

-
-
DecodedJptCredential
-
-
DecodedJptPresentation
-
-
DecodedJws
-

A cryptographically verified decoded token from a JWS.

-

Contains the decoded headers and the raw claims.

-
-
DecodedJwtCredential
-

A cryptographically verified and decoded Credential.

-

Note that having an instance of this type only means the JWS it was constructed from was verified. -It does not imply anything about a potentially present proof property on the credential itself.

-
-
DecodedJwtPresentation
-

A cryptographically verified and decoded presentation.

-

Note that having an instance of this type only means the JWS it was constructed from was verified. -It does not imply anything about a potentially present proof property on the presentation itself.

-
-
Disclosure
-

Represents an elements constructing a disclosure. -Object properties and array elements disclosures are supported.

-

See: https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-07.html#name-disclosures

-
-
DomainLinkageConfiguration
-

DID Configuration Resource which contains Domain Linkage Credentials. -It can be placed in an origin's .well-known directory to prove linkage between the origin and a DID. -See: https://identity.foundation/.well-known/resources/did-configuration/#did-configuration-resource

-

Note:

- -
-
Duration
-

A span of time.

-
-
EdDSAJwsVerifier
-

An implementor of IJwsVerifier that can handle the -EdDSA algorithm.

-
-
IotaDID
-

A DID conforming to the IOTA DID method specification.

-
-
IotaDocument
-

A DID Document adhering to the IOTA DID method specification.

-

Note: All methods that involve reading from this class may potentially raise an error -if the object is being concurrently modified.

-
-
IotaDocumentMetadata
-

Additional attributes related to an IOTA DID Document.

-
-
IotaIdentityClientExt
-

An extension interface that provides helper functions for publication -and resolution of DID documents in Alias Outputs.

-
-
IssuerProtectedHeader
-
-
Jpt
-

A JSON Proof Token (JPT).

-
-
JptCredentialValidationOptions
-

Options to declare validation criteria for Jpt.

-
-
JptCredentialValidator
-
-
JptCredentialValidatorUtils
-

Utility functions for validating JPT credentials.

-
-
JptPresentationValidationOptions
-

Options to declare validation criteria for a Jpt presentation.

-
-
JptPresentationValidator
-
-
JptPresentationValidatorUtils
-

Utility functions for verifying JPT presentations.

-
-
Jwk
-
-
JwkGenOutput
-

The result of a key generation in JwkStorage.

-
-
JwpCredentialOptions
-
-
JwpIssued
-
-
JwpPresentationOptions
-

Options to be set in the JWT claims of a verifiable presentation.

-
-
JwpVerificationOptions
-
-
Jws
-

A wrapper around a JSON Web Signature (JWS).

-
-
JwsHeader
-
-
JwsSignatureOptions
-
-
JwsVerificationOptions
-
-
Jwt
-

A wrapper around a JSON Web Token (JWK).

-
-
JwtCredentialValidationOptions
-

Options to declare validation criteria when validating credentials.

-
-
JwtCredentialValidator
-

A type for decoding and validating Credential.

-
-
JwtDomainLinkageValidator
-

A validator for a Domain Linkage Configuration and Credentials.

-
-
JwtPresentationOptions
-
-
JwtPresentationValidationOptions
-

Options to declare validation criteria when validating presentation.

-
-
JwtPresentationValidator
-
-
KeyBindingJWTValidationOptions
-

Options to declare validation criteria when validating credentials.

-
-
KeyBindingJwtClaims
-

Claims set for key binding JWT.

-
-
LinkedDomainService
-
-
MethodData
-

Supported verification method data formats.

-
-
MethodDigest
-

Unique identifier of a VerificationMethod.

-

NOTE: -This class does not have a JSON representation, -use the methods pack and unpack instead.

-
-
MethodScope
-

Supported verification method types.

-
-
MethodType
-

Supported verification method types.

-
-
PayloadEntry
-
-
Payloads
-
-
Presentation
-
-
PresentationProtectedHeader
-
-
Proof
-

Represents a cryptographic proof that can be used to validate verifiable credentials and -presentations.

-

This representation does not inherently implement any standard; instead, it -can be utilized to implement standards or user-defined proofs. The presence of the -type field is necessary to accommodate different types of cryptographic proofs.

-

Note that this proof is not related to JWT and can be used in combination or as an alternative -to it.

-
-
ProofUpdateCtx
-
-
Resolver
-

Convenience type for resolving DID documents from different DID methods.

-

Also provides methods for resolving DID Documents associated with -verifiable Credentials and Presentations.

-

Configuration

-

The resolver will only be able to resolve DID documents for methods it has been configured for in the constructor.

-
-
RevocationBitmap
-

A compressed bitmap for managing credential revocation.

-
-
RevocationTimeframeStatus
-

Information used to determine the current status of a Credential.

-
-
SdJwt
-

Representation of an SD-JWT of the format -<Issuer-signed JWT>~<Disclosure 1>~<Disclosure 2>~...~<Disclosure N>~<optional KB-JWT>.

-
-
SdJwtCredentialValidator
-

A type for decoding and validating Credential.

-
-
SdObjectDecoder
-

Substitutes digests in an SD-JWT object by their corresponding plaintext values provided by disclosures.

-
-
SdObjectEncoder
-

Transforms a JSON object into an SD-JWT object by substituting selected values -with their corresponding disclosure digests.

-

Note: digests are created using the sha-256 algorithm.

-
-
SelectiveDisclosurePresentation
-

Used to construct a JwpPresentedBuilder and handle the selective disclosure of attributes

-
    -
  • @context MUST NOT be blinded
  • -
  • id MUST be blinded
  • -
  • type MUST NOT be blinded
  • -
  • issuer MUST NOT be blinded
  • -
  • issuanceDate MUST be blinded (if Timeframe Revocation mechanism is used)
  • -
  • expirationDate MUST be blinded (if Timeframe Revocation mechanism is used)
  • -
  • credentialSubject (User have to choose which attribute must be blinded)
  • -
  • credentialSchema MUST NOT be blinded
  • -
  • credentialStatus MUST NOT be blinded
  • -
  • refreshService MUST NOT be blinded (probably will be used for Timeslot Revocation mechanism)
  • -
  • termsOfUse NO reason to use it in ZK VC (will be in any case blinded)
  • -
  • evidence (User have to choose which attribute must be blinded)
  • -
-
-
Service
-

A DID Document Service used to enable trusted interactions associated with a DID subject.

-
-
StatusList2021
-

StatusList2021 data structure as described in W3C's VC status list 2021.

-
-
StatusList2021Credential
-

A parsed StatusList2021Credential.

-
-
StatusList2021CredentialBuilder
-

Builder type to construct valid StatusList2021Credential istances.

-
-
StatusList2021Entry
-

StatusList2021Entry implementation.

-
-
Storage
-

A type wrapping a JwkStorage and KeyIdStorage that should always be used together when -working with storage backed DID documents.

-
-
Timestamp
-
-
UnknownCredential
-
-
VerificationMethod
-

A DID Document Verification Method.

-
-
- -## Members - -
-
StatusCheck
-

Controls validation behaviour when checking whether or not a credential has been revoked by its -credentialStatus.

-
-
Strict
-

Validate the status if supported, reject any unsupported -credentialStatus types.

-

Only RevocationBitmap2022 is currently supported.

-

This is the default.

-
-
SkipUnsupported
-

Validate the status if supported, skip any unsupported -credentialStatus types.

-
-
SkipAll
-

Skip all status checks.

-
-
CredentialStatus
-
-
PayloadType
-
-
ProofAlgorithm
-
-
StatusPurpose
-

Purpose of a StatusList2021.

-
-
FailFast
-

Declares when validation should return if an error occurs.

-
-
AllErrors
-

Return all errors that occur during validation.

-
-
FirstError
-

Return after the first error occurs.

-
-
StateMetadataEncoding
-
-
SerializationType
-
-
MethodRelationship
-
-
PresentationProofAlgorithm
-
-
SubjectHolderRelationship
-

Declares how credential subjects must relate to the presentation holder.

-

See also the Subject-Holder Relationship section of the specification.

-
-
AlwaysSubject
-

The holder must always match the subject on all credentials, regardless of their nonTransferable property. -This variant is the default.

-
-
SubjectOnNonTransferable
-

The holder must match the subject only for credentials where the nonTransferable property is true.

-
-
Any
-

The holder is not required to have any kind of relationship to any credential subject.

-
-
- -## Functions - -
-
encodeB64(data)string
-

Encode the given bytes in url-safe base64.

-
-
decodeB64(data)Uint8Array
-

Decode the given url-safe base64-encoded slice into its raw bytes.

-
-
start()
-

Initializes the console error panic hook for better error messages

-
-
verifyEd25519(alg, signingInput, decodedSignature, publicKey)
-

Verify a JWS signature secured with the EdDSA algorithm and curve Ed25519.

-

This function is useful when one is composing a IJwsVerifier that delegates -EdDSA verification with curve Ed25519 to this function.

-

Warning

-

This function does not check whether alg = EdDSA in the protected header. Callers are expected to assert this -prior to calling the function.

-
-
- - - -## CoreDID -A method-agnostic Decentralized Identifier (DID). - -**Kind**: global class - -* [CoreDID](#CoreDID) - * _instance_ - * [.setMethodName(value)](#CoreDID+setMethodName) - * [.setMethodId(value)](#CoreDID+setMethodId) - * [.scheme()](#CoreDID+scheme) ⇒ string - * [.authority()](#CoreDID+authority) ⇒ string - * [.method()](#CoreDID+method) ⇒ string - * [.methodId()](#CoreDID+methodId) ⇒ string - * [.join(segment)](#CoreDID+join) ⇒ [DIDUrl](#DIDUrl) - * [.toUrl()](#CoreDID+toUrl) ⇒ [DIDUrl](#DIDUrl) - * [.intoUrl()](#CoreDID+intoUrl) ⇒ [DIDUrl](#DIDUrl) - * [.toString()](#CoreDID+toString) ⇒ string - * [.toCoreDid()](#CoreDID+toCoreDid) ⇒ [CoreDID](#CoreDID) - * [.toJSON()](#CoreDID+toJSON) ⇒ any - * [.clone()](#CoreDID+clone) ⇒ [CoreDID](#CoreDID) - * _static_ - * [.parse(input)](#CoreDID.parse) ⇒ [CoreDID](#CoreDID) - * [.validMethodName(value)](#CoreDID.validMethodName) ⇒ boolean - * [.validMethodId(value)](#CoreDID.validMethodId) ⇒ boolean - * [.fromJSON(json)](#CoreDID.fromJSON) ⇒ [CoreDID](#CoreDID) - - - -### coreDID.setMethodName(value) -Set the method name of the [CoreDID](#CoreDID). - -**Kind**: instance method of [CoreDID](#CoreDID) - -| Param | Type | -| --- | --- | -| value | string | - - - -### coreDID.setMethodId(value) -Set the method-specific-id of the `DID`. - -**Kind**: instance method of [CoreDID](#CoreDID) - -| Param | Type | -| --- | --- | -| value | string | - - - -### coreDID.scheme() ⇒ string -Returns the [CoreDID](#CoreDID) scheme. - -E.g. -- `"did:example:12345678" -> "did"` -- `"did:iota:smr:12345678" -> "did"` - -**Kind**: instance method of [CoreDID](#CoreDID) - - -### coreDID.authority() ⇒ string -Returns the [CoreDID](#CoreDID) authority: the method name and method-id. - -E.g. -- `"did:example:12345678" -> "example:12345678"` -- `"did:iota:smr:12345678" -> "iota:smr:12345678"` - -**Kind**: instance method of [CoreDID](#CoreDID) - - -### coreDID.method() ⇒ string -Returns the [CoreDID](#CoreDID) method name. - -E.g. -- `"did:example:12345678" -> "example"` -- `"did:iota:smr:12345678" -> "iota"` - -**Kind**: instance method of [CoreDID](#CoreDID) - - -### coreDID.methodId() ⇒ string -Returns the [CoreDID](#CoreDID) method-specific ID. - -E.g. -- `"did:example:12345678" -> "12345678"` -- `"did:iota:smr:12345678" -> "smr:12345678"` - -**Kind**: instance method of [CoreDID](#CoreDID) - - -### coreDID.join(segment) ⇒ [DIDUrl](#DIDUrl) -Construct a new [DIDUrl](#DIDUrl) by joining with a relative DID Url string. - -**Kind**: instance method of [CoreDID](#CoreDID) - -| Param | Type | -| --- | --- | -| segment | string | - - - -### coreDID.toUrl() ⇒ [DIDUrl](#DIDUrl) -Clones the [CoreDID](#CoreDID) into a [DIDUrl](#DIDUrl). - -**Kind**: instance method of [CoreDID](#CoreDID) - - -### coreDID.intoUrl() ⇒ [DIDUrl](#DIDUrl) -Converts the [CoreDID](#CoreDID) into a [DIDUrl](#DIDUrl), consuming it. - -**Kind**: instance method of [CoreDID](#CoreDID) - - -### coreDID.toString() ⇒ string -Returns the [CoreDID](#CoreDID) as a string. - -**Kind**: instance method of [CoreDID](#CoreDID) - - -### coreDID.toCoreDid() ⇒ [CoreDID](#CoreDID) -**Kind**: instance method of [CoreDID](#CoreDID) - - -### coreDID.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [CoreDID](#CoreDID) - - -### coreDID.clone() ⇒ [CoreDID](#CoreDID) -Deep clones the object. - -**Kind**: instance method of [CoreDID](#CoreDID) - - -### CoreDID.parse(input) ⇒ [CoreDID](#CoreDID) -Parses a [CoreDID](#CoreDID) from the given `input`. - -### Errors - -Throws an error if the input is not a valid [CoreDID](#CoreDID). - -**Kind**: static method of [CoreDID](#CoreDID) - -| Param | Type | -| --- | --- | -| input | string | - - - -### CoreDID.validMethodName(value) ⇒ boolean -Validates whether a string is a valid DID method name. - -**Kind**: static method of [CoreDID](#CoreDID) - -| Param | Type | -| --- | --- | -| value | string | - - - -### CoreDID.validMethodId(value) ⇒ boolean -Validates whether a string is a valid `DID` method-id. - -**Kind**: static method of [CoreDID](#CoreDID) - -| Param | Type | -| --- | --- | -| value | string | - - - -### CoreDID.fromJSON(json) ⇒ [CoreDID](#CoreDID) -Deserializes an instance from a JSON object. - -**Kind**: static method of [CoreDID](#CoreDID) - -| Param | Type | -| --- | --- | -| json | any | - - - -## CoreDocument -A method-agnostic DID Document. - -Note: All methods that involve reading from this class may potentially raise an error -if the object is being concurrently modified. - -**Kind**: global class - -* [CoreDocument](#CoreDocument) - * [new CoreDocument(values)](#new_CoreDocument_new) - * _instance_ - * [.id()](#CoreDocument+id) ⇒ [CoreDID](#CoreDID) - * [.setId(id)](#CoreDocument+setId) - * [.controller()](#CoreDocument+controller) ⇒ [Array.<CoreDID>](#CoreDID) - * [.setController(controllers)](#CoreDocument+setController) - * [.alsoKnownAs()](#CoreDocument+alsoKnownAs) ⇒ Array.<string> - * [.setAlsoKnownAs(urls)](#CoreDocument+setAlsoKnownAs) - * [.verificationMethod()](#CoreDocument+verificationMethod) ⇒ [Array.<VerificationMethod>](#VerificationMethod) - * [.authentication()](#CoreDocument+authentication) ⇒ Array.<(DIDUrl\|VerificationMethod)> - * [.assertionMethod()](#CoreDocument+assertionMethod) ⇒ Array.<(DIDUrl\|VerificationMethod)> - * [.keyAgreement()](#CoreDocument+keyAgreement) ⇒ Array.<(DIDUrl\|VerificationMethod)> - * [.capabilityDelegation()](#CoreDocument+capabilityDelegation) ⇒ Array.<(DIDUrl\|VerificationMethod)> - * [.capabilityInvocation()](#CoreDocument+capabilityInvocation) ⇒ Array.<(DIDUrl\|VerificationMethod)> - * [.properties()](#CoreDocument+properties) ⇒ Map.<string, any> - * [.setPropertyUnchecked(key, value)](#CoreDocument+setPropertyUnchecked) - * [.service()](#CoreDocument+service) ⇒ [Array.<Service>](#Service) - * [.insertService(service)](#CoreDocument+insertService) - * [.removeService(didUrl)](#CoreDocument+removeService) ⇒ [Service](#Service) \| undefined - * [.resolveService(query)](#CoreDocument+resolveService) ⇒ [Service](#Service) \| undefined - * [.methods([scope])](#CoreDocument+methods) ⇒ [Array.<VerificationMethod>](#VerificationMethod) - * [.verificationRelationships()](#CoreDocument+verificationRelationships) ⇒ Array.<(DIDUrl\|VerificationMethod)> - * [.insertMethod(method, scope)](#CoreDocument+insertMethod) - * [.removeMethod(did)](#CoreDocument+removeMethod) ⇒ [VerificationMethod](#VerificationMethod) \| undefined - * [.resolveMethod(query, [scope])](#CoreDocument+resolveMethod) ⇒ [VerificationMethod](#VerificationMethod) \| undefined - * [.attachMethodRelationship(didUrl, relationship)](#CoreDocument+attachMethodRelationship) ⇒ boolean - * [.detachMethodRelationship(didUrl, relationship)](#CoreDocument+detachMethodRelationship) ⇒ boolean - * [.verifyJws(jws, options, signatureVerifier, [detachedPayload])](#CoreDocument+verifyJws) ⇒ [DecodedJws](#DecodedJws) - * [.revokeCredentials(serviceQuery, indices)](#CoreDocument+revokeCredentials) - * [.unrevokeCredentials(serviceQuery, indices)](#CoreDocument+unrevokeCredentials) - * [.clone()](#CoreDocument+clone) ⇒ [CoreDocument](#CoreDocument) - * [._shallowCloneInternal()](#CoreDocument+_shallowCloneInternal) ⇒ [CoreDocument](#CoreDocument) - * [._strongCountInternal()](#CoreDocument+_strongCountInternal) ⇒ number - * [.toJSON()](#CoreDocument+toJSON) ⇒ any - * [.generateMethod(storage, keyType, alg, fragment, scope)](#CoreDocument+generateMethod) ⇒ Promise.<string> - * [.purgeMethod(storage, id)](#CoreDocument+purgeMethod) ⇒ Promise.<void> - * [.createJws(storage, fragment, payload, options)](#CoreDocument+createJws) ⇒ [Promise.<Jws>](#Jws) - * [.createCredentialJwt(storage, fragment, credential, options, [custom_claims])](#CoreDocument+createCredentialJwt) ⇒ [Promise.<Jwt>](#Jwt) - * [.createPresentationJwt(storage, fragment, presentation, signature_options, presentation_options)](#CoreDocument+createPresentationJwt) ⇒ [Promise.<Jwt>](#Jwt) - * _static_ - * [.fromJSON(json)](#CoreDocument.fromJSON) ⇒ [CoreDocument](#CoreDocument) - - - -### new CoreDocument(values) -Creates a new [CoreDocument](#CoreDocument) with the given properties. - - -| Param | Type | -| --- | --- | -| values | ICoreDocument | - - - -### coreDocument.id() ⇒ [CoreDID](#CoreDID) -Returns a copy of the DID Document `id`. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - - -### coreDocument.setId(id) -Sets the DID of the document. - -### Warning - -Changing the identifier can drastically alter the results of -`resolve_method`, `resolve_service` and the related -[DID URL dereferencing](https://w3c-ccg.github.io/did-resolution/#dereferencing) algorithm. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - -| Param | Type | -| --- | --- | -| id | [CoreDID](#CoreDID) | - - - -### coreDocument.controller() ⇒ [Array.<CoreDID>](#CoreDID) -Returns a copy of the document controllers. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - - -### coreDocument.setController(controllers) -Sets the controllers of the DID Document. - -Note: Duplicates will be ignored. -Use `null` to remove all controllers. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - -| Param | Type | -| --- | --- | -| controllers | [CoreDID](#CoreDID) \| [Array.<CoreDID>](#CoreDID) \| null | - - - -### coreDocument.alsoKnownAs() ⇒ Array.<string> -Returns a copy of the document's `alsoKnownAs` set. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - - -### coreDocument.setAlsoKnownAs(urls) -Sets the `alsoKnownAs` property in the DID document. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - -| Param | Type | -| --- | --- | -| urls | string \| Array.<string> \| null | - - - -### coreDocument.verificationMethod() ⇒ [Array.<VerificationMethod>](#VerificationMethod) -Returns a copy of the document's `verificationMethod` set. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - - -### coreDocument.authentication() ⇒ Array.<(DIDUrl\|VerificationMethod)> -Returns a copy of the document's `authentication` set. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - - -### coreDocument.assertionMethod() ⇒ Array.<(DIDUrl\|VerificationMethod)> -Returns a copy of the document's `assertionMethod` set. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - - -### coreDocument.keyAgreement() ⇒ Array.<(DIDUrl\|VerificationMethod)> -Returns a copy of the document's `keyAgreement` set. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - - -### coreDocument.capabilityDelegation() ⇒ Array.<(DIDUrl\|VerificationMethod)> -Returns a copy of the document's `capabilityDelegation` set. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - - -### coreDocument.capabilityInvocation() ⇒ Array.<(DIDUrl\|VerificationMethod)> -Returns a copy of the document's `capabilityInvocation` set. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - - -### coreDocument.properties() ⇒ Map.<string, any> -Returns a copy of the custom DID Document properties. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - - -### coreDocument.setPropertyUnchecked(key, value) -Sets a custom property in the DID Document. -If the value is set to `null`, the custom property will be removed. - -### WARNING - -This method can overwrite existing properties like `id` and result in an invalid document. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - -| Param | Type | -| --- | --- | -| key | string | -| value | any | - - - -### coreDocument.service() ⇒ [Array.<Service>](#Service) -Returns a set of all [Service](#Service) in the document. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - - -### coreDocument.insertService(service) -Add a new [Service](#Service) to the document. - -Errors if there already exists a service or verification method with the same id. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - -| Param | Type | -| --- | --- | -| service | [Service](#Service) | - - - -### coreDocument.removeService(didUrl) ⇒ [Service](#Service) \| undefined -Remove a [Service](#Service) identified by the given [DIDUrl](#DIDUrl) from the document. - -Returns `true` if the service was removed. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - -| Param | Type | -| --- | --- | -| didUrl | [DIDUrl](#DIDUrl) | - - - -### coreDocument.resolveService(query) ⇒ [Service](#Service) \| undefined -Returns the first [Service](#Service) with an `id` property matching the provided `query`, -if present. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - -| Param | Type | -| --- | --- | -| query | [DIDUrl](#DIDUrl) \| string | - - - -### coreDocument.methods([scope]) ⇒ [Array.<VerificationMethod>](#VerificationMethod) -Returns a list of all [VerificationMethod](#VerificationMethod) in the DID Document, -whose verification relationship matches `scope`. - -If `scope` is not set, a list over the **embedded** methods is returned. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - -| Param | Type | -| --- | --- | -| [scope] | [MethodScope](#MethodScope) \| undefined | - - - -### coreDocument.verificationRelationships() ⇒ Array.<(DIDUrl\|VerificationMethod)> -Returns an array of all verification relationships. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - - -### coreDocument.insertMethod(method, scope) -Adds a new `method` to the document in the given `scope`. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - -| Param | Type | -| --- | --- | -| method | [VerificationMethod](#VerificationMethod) | -| scope | [MethodScope](#MethodScope) | - - - -### coreDocument.removeMethod(did) ⇒ [VerificationMethod](#VerificationMethod) \| undefined -Removes all references to the specified Verification Method. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - -| Param | Type | -| --- | --- | -| did | [DIDUrl](#DIDUrl) | - - - -### coreDocument.resolveMethod(query, [scope]) ⇒ [VerificationMethod](#VerificationMethod) \| undefined -Returns a copy of the first verification method with an `id` property -matching the provided `query` and the verification relationship -specified by `scope`, if present. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - -| Param | Type | -| --- | --- | -| query | [DIDUrl](#DIDUrl) \| string | -| [scope] | [MethodScope](#MethodScope) \| undefined | - - - -### coreDocument.attachMethodRelationship(didUrl, relationship) ⇒ boolean -Attaches the relationship to the given method, if the method exists. - -Note: The method needs to be in the set of verification methods, -so it cannot be an embedded one. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - -| Param | Type | -| --- | --- | -| didUrl | [DIDUrl](#DIDUrl) | -| relationship | [MethodRelationship](#MethodRelationship) | - - - -### coreDocument.detachMethodRelationship(didUrl, relationship) ⇒ boolean -Detaches the given relationship from the given method, if the method exists. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - -| Param | Type | -| --- | --- | -| didUrl | [DIDUrl](#DIDUrl) | -| relationship | [MethodRelationship](#MethodRelationship) | - - - -### coreDocument.verifyJws(jws, options, signatureVerifier, [detachedPayload]) ⇒ [DecodedJws](#DecodedJws) -Decodes and verifies the provided JWS according to the passed `options` and `signatureVerifier`. - If no `signatureVerifier` argument is provided a default verifier will be used that is (only) capable of -verifying EdDSA signatures. - -Regardless of which options are passed the following conditions must be met in order for a verification attempt to -take place. -- The JWS must be encoded according to the JWS compact serialization. -- The `kid` value in the protected header must be an identifier of a verification method in this DID document, -or set explicitly in the `options`. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - -| Param | Type | -| --- | --- | -| jws | [Jws](#Jws) | -| options | [JwsVerificationOptions](#JwsVerificationOptions) | -| signatureVerifier | IJwsVerifier | -| [detachedPayload] | string \| undefined | - - - -### coreDocument.revokeCredentials(serviceQuery, indices) -If the document has a [RevocationBitmap](#RevocationBitmap) service identified by `serviceQuery`, -revoke all specified `indices`. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - -| Param | Type | -| --- | --- | -| serviceQuery | [DIDUrl](#DIDUrl) \| string | -| indices | number \| Array.<number> | - - - -### coreDocument.unrevokeCredentials(serviceQuery, indices) -If the document has a [RevocationBitmap](#RevocationBitmap) service identified by `serviceQuery`, -unrevoke all specified `indices`. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - -| Param | Type | -| --- | --- | -| serviceQuery | [DIDUrl](#DIDUrl) \| string | -| indices | number \| Array.<number> | - - - -### coreDocument.clone() ⇒ [CoreDocument](#CoreDocument) -Deep clones the [CoreDocument](#CoreDocument). - -**Kind**: instance method of [CoreDocument](#CoreDocument) - - -### coreDocument.\_shallowCloneInternal() ⇒ [CoreDocument](#CoreDocument) -### Warning -This is for internal use only. Do not rely on or call this method. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - - -### coreDocument.\_strongCountInternal() ⇒ number -### Warning -This is for internal use only. Do not rely on or call this method. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - - -### coreDocument.toJSON() ⇒ any -Serializes to a plain JS representation. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - - -### coreDocument.generateMethod(storage, keyType, alg, fragment, scope) ⇒ Promise.<string> -Generate new key material in the given `storage` and insert a new verification method with the corresponding -public key material into the DID document. - -- If no fragment is given the `kid` of the generated JWK is used, if it is set, otherwise an error is returned. -- The `keyType` must be compatible with the given `storage`. `Storage`s are expected to export key type constants -for that use case. - -The fragment of the generated method is returned. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - -| Param | Type | -| --- | --- | -| storage | [Storage](#Storage) | -| keyType | string | -| alg | JwsAlgorithm | -| fragment | string \| undefined | -| scope | [MethodScope](#MethodScope) | - - - -### coreDocument.purgeMethod(storage, id) ⇒ Promise.<void> -Remove the method identified by the `fragment` from the document and delete the corresponding key material in -the `storage`. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - -| Param | Type | -| --- | --- | -| storage | [Storage](#Storage) | -| id | [DIDUrl](#DIDUrl) | - - - -### coreDocument.createJws(storage, fragment, payload, options) ⇒ [Promise.<Jws>](#Jws) -Sign the `payload` according to `options` with the storage backed private key corresponding to the public key -material in the verification method identified by the given `fragment. - -Upon success a string representing a JWS encoded according to the Compact JWS Serialization format is returned. -See [RFC7515 section 3.1](https://www.rfc-editor.org/rfc/rfc7515#section-3.1). - -**Kind**: instance method of [CoreDocument](#CoreDocument) - -| Param | Type | -| --- | --- | -| storage | [Storage](#Storage) | -| fragment | string | -| payload | string | -| options | [JwsSignatureOptions](#JwsSignatureOptions) | - - - -### coreDocument.createCredentialJwt(storage, fragment, credential, options, [custom_claims]) ⇒ [Promise.<Jwt>](#Jwt) -Produces a JWT where the payload is produced from the given `credential` -in accordance with [VC Data Model v1.1](https://www.w3.org/TR/vc-data-model/#json-web-token). - -Unless the `kid` is explicitly set in the options, the `kid` in the protected header is the `id` -of the method identified by `fragment` and the JWS signature will be produced by the corresponding -private key backed by the `storage` in accordance with the passed `options`. - -The `custom_claims` can be used to set additional claims on the resulting JWT. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - -| Param | Type | -| --- | --- | -| storage | [Storage](#Storage) | -| fragment | string | -| credential | [Credential](#Credential) | -| options | [JwsSignatureOptions](#JwsSignatureOptions) | -| [custom_claims] | Record.<string, any> \| undefined | - - - -### coreDocument.createPresentationJwt(storage, fragment, presentation, signature_options, presentation_options) ⇒ [Promise.<Jwt>](#Jwt) -Produces a JWT where the payload is produced from the given presentation. -in accordance with [VC Data Model v1.1](https://www.w3.org/TR/vc-data-model/#json-web-token). - -Unless the `kid` is explicitly set in the options, the `kid` in the protected header is the `id` -of the method identified by `fragment` and the JWS signature will be produced by the corresponding -private key backed by the `storage` in accordance with the passed `options`. - -**Kind**: instance method of [CoreDocument](#CoreDocument) - -| Param | Type | -| --- | --- | -| storage | [Storage](#Storage) | -| fragment | string | -| presentation | [Presentation](#Presentation) | -| signature_options | [JwsSignatureOptions](#JwsSignatureOptions) | -| presentation_options | [JwtPresentationOptions](#JwtPresentationOptions) | - - - -### CoreDocument.fromJSON(json) ⇒ [CoreDocument](#CoreDocument) -Deserializes an instance from a plain JS representation. - -**Kind**: static method of [CoreDocument](#CoreDocument) - -| Param | Type | -| --- | --- | -| json | any | - - - -## Credential -**Kind**: global class - -* [Credential](#Credential) - * [new Credential(values)](#new_Credential_new) - * _instance_ - * [.context()](#Credential+context) ⇒ Array.<(string\|Record.<string, any>)> - * [.id()](#Credential+id) ⇒ string \| undefined - * [.type()](#Credential+type) ⇒ Array.<string> - * [.credentialSubject()](#Credential+credentialSubject) ⇒ Array.<Subject> - * [.issuer()](#Credential+issuer) ⇒ string \| Issuer - * [.issuanceDate()](#Credential+issuanceDate) ⇒ [Timestamp](#Timestamp) - * [.expirationDate()](#Credential+expirationDate) ⇒ [Timestamp](#Timestamp) \| undefined - * [.credentialStatus()](#Credential+credentialStatus) ⇒ Array.<Status> - * [.credentialSchema()](#Credential+credentialSchema) ⇒ Array.<Schema> - * [.refreshService()](#Credential+refreshService) ⇒ Array.<RefreshService> - * [.termsOfUse()](#Credential+termsOfUse) ⇒ Array.<Policy> - * [.evidence()](#Credential+evidence) ⇒ Array.<Evidence> - * [.nonTransferable()](#Credential+nonTransferable) ⇒ boolean \| undefined - * [.proof()](#Credential+proof) ⇒ [Proof](#Proof) \| undefined - * [.properties()](#Credential+properties) ⇒ Map.<string, any> - * [.setProof([proof])](#Credential+setProof) - * [.toJwtClaims([custom_claims])](#Credential+toJwtClaims) ⇒ Record.<string, any> - * [.toJSON()](#Credential+toJSON) ⇒ any - * [.clone()](#Credential+clone) ⇒ [Credential](#Credential) - * _static_ - * [.BaseContext()](#Credential.BaseContext) ⇒ string - * [.BaseType()](#Credential.BaseType) ⇒ string - * [.createDomainLinkageCredential(values)](#Credential.createDomainLinkageCredential) ⇒ [Credential](#Credential) - * [.fromJSON(json)](#Credential.fromJSON) ⇒ [Credential](#Credential) - - - -### new Credential(values) -Constructs a new [Credential](#Credential). - - -| Param | Type | -| --- | --- | -| values | ICredential | - - - -### credential.context() ⇒ Array.<(string\|Record.<string, any>)> -Returns a copy of the JSON-LD context(s) applicable to the [Credential](#Credential). - -**Kind**: instance method of [Credential](#Credential) - - -### credential.id() ⇒ string \| undefined -Returns a copy of the unique `URI` identifying the [Credential](#Credential) . - -**Kind**: instance method of [Credential](#Credential) - - -### credential.type() ⇒ Array.<string> -Returns a copy of the URIs defining the type of the [Credential](#Credential). - -**Kind**: instance method of [Credential](#Credential) - - -### credential.credentialSubject() ⇒ Array.<Subject> -Returns a copy of the [Credential](#Credential) subject(s). - -**Kind**: instance method of [Credential](#Credential) - - -### credential.issuer() ⇒ string \| Issuer -Returns a copy of the issuer of the [Credential](#Credential). - -**Kind**: instance method of [Credential](#Credential) - - -### credential.issuanceDate() ⇒ [Timestamp](#Timestamp) -Returns a copy of the timestamp of when the [Credential](#Credential) becomes valid. - -**Kind**: instance method of [Credential](#Credential) - - -### credential.expirationDate() ⇒ [Timestamp](#Timestamp) \| undefined -Returns a copy of the timestamp of when the [Credential](#Credential) should no longer be considered valid. - -**Kind**: instance method of [Credential](#Credential) - - -### credential.credentialStatus() ⇒ Array.<Status> -Returns a copy of the information used to determine the current status of the [Credential](#Credential). - -**Kind**: instance method of [Credential](#Credential) - - -### credential.credentialSchema() ⇒ Array.<Schema> -Returns a copy of the information used to assist in the enforcement of a specific [Credential](#Credential) structure. - -**Kind**: instance method of [Credential](#Credential) - - -### credential.refreshService() ⇒ Array.<RefreshService> -Returns a copy of the service(s) used to refresh an expired [Credential](#Credential). - -**Kind**: instance method of [Credential](#Credential) - - -### credential.termsOfUse() ⇒ Array.<Policy> -Returns a copy of the terms-of-use specified by the [Credential](#Credential) issuer. - -**Kind**: instance method of [Credential](#Credential) - - -### credential.evidence() ⇒ Array.<Evidence> -Returns a copy of the human-readable evidence used to support the claims within the [Credential](#Credential). - -**Kind**: instance method of [Credential](#Credential) - - -### credential.nonTransferable() ⇒ boolean \| undefined -Returns whether or not the [Credential](#Credential) must only be contained within a [Presentation](#Presentation) -with a proof issued from the [Credential](#Credential) subject. - -**Kind**: instance method of [Credential](#Credential) - - -### credential.proof() ⇒ [Proof](#Proof) \| undefined -Optional cryptographic proof, unrelated to JWT. - -**Kind**: instance method of [Credential](#Credential) - - -### credential.properties() ⇒ Map.<string, any> -Returns a copy of the miscellaneous properties on the [Credential](#Credential). - -**Kind**: instance method of [Credential](#Credential) - - -### credential.setProof([proof]) -Sets the `proof` property of the [Credential](#Credential). - -Note that this proof is not related to JWT. - -**Kind**: instance method of [Credential](#Credential) - -| Param | Type | -| --- | --- | -| [proof] | [Proof](#Proof) \| undefined | - - - -### credential.toJwtClaims([custom_claims]) ⇒ Record.<string, any> -Serializes the `Credential` as a JWT claims set -in accordance with [VC Data Model v1.1](https://www.w3.org/TR/vc-data-model/#json-web-token). - -The resulting object can be used as the payload of a JWS when issuing the credential. - -**Kind**: instance method of [Credential](#Credential) - -| Param | Type | -| --- | --- | -| [custom_claims] | Record.<string, any> \| undefined | - - - -### credential.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [Credential](#Credential) - - -### credential.clone() ⇒ [Credential](#Credential) -Deep clones the object. - -**Kind**: instance method of [Credential](#Credential) - - -### Credential.BaseContext() ⇒ string -Returns the base JSON-LD context. - -**Kind**: static method of [Credential](#Credential) - - -### Credential.BaseType() ⇒ string -Returns the base type. - -**Kind**: static method of [Credential](#Credential) - - -### Credential.createDomainLinkageCredential(values) ⇒ [Credential](#Credential) -**Kind**: static method of [Credential](#Credential) - -| Param | Type | -| --- | --- | -| values | IDomainLinkageCredential | - - - -### Credential.fromJSON(json) ⇒ [Credential](#Credential) -Deserializes an instance from a JSON object. - -**Kind**: static method of [Credential](#Credential) - -| Param | Type | -| --- | --- | -| json | any | - - - -## CustomMethodData -A custom verification method data format. - -**Kind**: global class - -* [CustomMethodData](#CustomMethodData) - * [new CustomMethodData(name, data)](#new_CustomMethodData_new) - * _instance_ - * [.clone()](#CustomMethodData+clone) ⇒ [CustomMethodData](#CustomMethodData) - * [.toJSON()](#CustomMethodData+toJSON) ⇒ any - * _static_ - * [.fromJSON(json)](#CustomMethodData.fromJSON) ⇒ [CustomMethodData](#CustomMethodData) - - - -### new CustomMethodData(name, data) - -| Param | Type | -| --- | --- | -| name | string | -| data | any | - - - -### customMethodData.clone() ⇒ [CustomMethodData](#CustomMethodData) -Deep clones the object. - -**Kind**: instance method of [CustomMethodData](#CustomMethodData) - - -### customMethodData.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [CustomMethodData](#CustomMethodData) - - -### CustomMethodData.fromJSON(json) ⇒ [CustomMethodData](#CustomMethodData) -Deserializes an instance from a JSON object. - -**Kind**: static method of [CustomMethodData](#CustomMethodData) - -| Param | Type | -| --- | --- | -| json | any | - - - -## DIDUrl -A method agnostic DID Url. - -**Kind**: global class - -* [DIDUrl](#DIDUrl) - * _instance_ - * [.did()](#DIDUrl+did) ⇒ [CoreDID](#CoreDID) - * [.urlStr()](#DIDUrl+urlStr) ⇒ string - * [.fragment()](#DIDUrl+fragment) ⇒ string \| undefined - * [.setFragment([value])](#DIDUrl+setFragment) - * [.path()](#DIDUrl+path) ⇒ string \| undefined - * [.setPath([value])](#DIDUrl+setPath) - * [.query()](#DIDUrl+query) ⇒ string \| undefined - * [.setQuery([value])](#DIDUrl+setQuery) - * [.join(segment)](#DIDUrl+join) ⇒ [DIDUrl](#DIDUrl) - * [.toString()](#DIDUrl+toString) ⇒ string - * [.toJSON()](#DIDUrl+toJSON) ⇒ any - * [.clone()](#DIDUrl+clone) ⇒ [DIDUrl](#DIDUrl) - * _static_ - * [.parse(input)](#DIDUrl.parse) ⇒ [DIDUrl](#DIDUrl) - * [.fromJSON(json)](#DIDUrl.fromJSON) ⇒ [DIDUrl](#DIDUrl) - - - -### didUrl.did() ⇒ [CoreDID](#CoreDID) -Return a copy of the [CoreDID](#CoreDID) section of the [DIDUrl](#DIDUrl). - -**Kind**: instance method of [DIDUrl](#DIDUrl) - - -### didUrl.urlStr() ⇒ string -Return a copy of the relative DID Url as a string, including only the path, query, and fragment. - -**Kind**: instance method of [DIDUrl](#DIDUrl) - - -### didUrl.fragment() ⇒ string \| undefined -Returns a copy of the [DIDUrl](#DIDUrl) method fragment, if any. Excludes the leading '#'. - -**Kind**: instance method of [DIDUrl](#DIDUrl) - - -### didUrl.setFragment([value]) -Sets the `fragment` component of the [DIDUrl](#DIDUrl). - -**Kind**: instance method of [DIDUrl](#DIDUrl) - -| Param | Type | -| --- | --- | -| [value] | string \| undefined | - - - -### didUrl.path() ⇒ string \| undefined -Returns a copy of the [DIDUrl](#DIDUrl) path. - -**Kind**: instance method of [DIDUrl](#DIDUrl) - - -### didUrl.setPath([value]) -Sets the `path` component of the [DIDUrl](#DIDUrl). - -**Kind**: instance method of [DIDUrl](#DIDUrl) - -| Param | Type | -| --- | --- | -| [value] | string \| undefined | - - - -### didUrl.query() ⇒ string \| undefined -Returns a copy of the [DIDUrl](#DIDUrl) method query, if any. Excludes the leading '?'. - -**Kind**: instance method of [DIDUrl](#DIDUrl) - - -### didUrl.setQuery([value]) -Sets the `query` component of the [DIDUrl](#DIDUrl). - -**Kind**: instance method of [DIDUrl](#DIDUrl) - -| Param | Type | -| --- | --- | -| [value] | string \| undefined | - - - -### didUrl.join(segment) ⇒ [DIDUrl](#DIDUrl) -Append a string representing a path, query, and/or fragment, returning a new [DIDUrl](#DIDUrl). - -Must begin with a valid delimiter character: '/', '?', '#'. Overwrites the existing URL -segment and any following segments in order of path, query, then fragment. - -I.e. -- joining a path will clear the query and fragment. -- joining a query will clear the fragment. -- joining a fragment will only overwrite the fragment. - -**Kind**: instance method of [DIDUrl](#DIDUrl) - -| Param | Type | -| --- | --- | -| segment | string | - - - -### didUrl.toString() ⇒ string -Returns the [DIDUrl](#DIDUrl) as a string. - -**Kind**: instance method of [DIDUrl](#DIDUrl) - - -### didUrl.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [DIDUrl](#DIDUrl) - - -### didUrl.clone() ⇒ [DIDUrl](#DIDUrl) -Deep clones the object. - -**Kind**: instance method of [DIDUrl](#DIDUrl) - - -### DIDUrl.parse(input) ⇒ [DIDUrl](#DIDUrl) -Parses a [DIDUrl](#DIDUrl) from the input string. - -**Kind**: static method of [DIDUrl](#DIDUrl) - -| Param | Type | -| --- | --- | -| input | string | - - - -### DIDUrl.fromJSON(json) ⇒ [DIDUrl](#DIDUrl) -Deserializes an instance from a JSON object. - -**Kind**: static method of [DIDUrl](#DIDUrl) - -| Param | Type | -| --- | --- | -| json | any | - - - -## DecodedJptCredential -**Kind**: global class - -* [DecodedJptCredential](#DecodedJptCredential) - * [.clone()](#DecodedJptCredential+clone) ⇒ [DecodedJptCredential](#DecodedJptCredential) - * [.credential()](#DecodedJptCredential+credential) ⇒ [Credential](#Credential) - * [.customClaims()](#DecodedJptCredential+customClaims) ⇒ Map.<string, any> - * [.decodedJwp()](#DecodedJptCredential+decodedJwp) ⇒ [JwpIssued](#JwpIssued) - - - -### decodedJptCredential.clone() ⇒ [DecodedJptCredential](#DecodedJptCredential) -Deep clones the object. - -**Kind**: instance method of [DecodedJptCredential](#DecodedJptCredential) - - -### decodedJptCredential.credential() ⇒ [Credential](#Credential) -Returns the [Credential](#Credential) embedded into this JPT. - -**Kind**: instance method of [DecodedJptCredential](#DecodedJptCredential) - - -### decodedJptCredential.customClaims() ⇒ Map.<string, any> -Returns the custom claims parsed from the JPT. - -**Kind**: instance method of [DecodedJptCredential](#DecodedJptCredential) - - -### decodedJptCredential.decodedJwp() ⇒ [JwpIssued](#JwpIssued) -**Kind**: instance method of [DecodedJptCredential](#DecodedJptCredential) - - -## DecodedJptPresentation -**Kind**: global class - -* [DecodedJptPresentation](#DecodedJptPresentation) - * [.clone()](#DecodedJptPresentation+clone) ⇒ [DecodedJptPresentation](#DecodedJptPresentation) - * [.credential()](#DecodedJptPresentation+credential) ⇒ [Credential](#Credential) - * [.customClaims()](#DecodedJptPresentation+customClaims) ⇒ Map.<string, any> - * [.aud()](#DecodedJptPresentation+aud) ⇒ string \| undefined - - - -### decodedJptPresentation.clone() ⇒ [DecodedJptPresentation](#DecodedJptPresentation) -Deep clones the object. - -**Kind**: instance method of [DecodedJptPresentation](#DecodedJptPresentation) - - -### decodedJptPresentation.credential() ⇒ [Credential](#Credential) -Returns the [Credential](#Credential) embedded into this JPT. - -**Kind**: instance method of [DecodedJptPresentation](#DecodedJptPresentation) - - -### decodedJptPresentation.customClaims() ⇒ Map.<string, any> -Returns the custom claims parsed from the JPT. - -**Kind**: instance method of [DecodedJptPresentation](#DecodedJptPresentation) - - -### decodedJptPresentation.aud() ⇒ string \| undefined -Returns the `aud` property parsed from the JWT claims. - -**Kind**: instance method of [DecodedJptPresentation](#DecodedJptPresentation) - - -## DecodedJws -A cryptographically verified decoded token from a JWS. - -Contains the decoded headers and the raw claims. - -**Kind**: global class - -* [DecodedJws](#DecodedJws) - * [.claims()](#DecodedJws+claims) ⇒ string - * [.claimsBytes()](#DecodedJws+claimsBytes) ⇒ Uint8Array - * [.protectedHeader()](#DecodedJws+protectedHeader) ⇒ [JwsHeader](#JwsHeader) - * [.clone()](#DecodedJws+clone) ⇒ [DecodedJws](#DecodedJws) - * [.toJSON()](#DecodedJws+toJSON) ⇒ any - - - -### decodedJws.claims() ⇒ string -Returns a copy of the parsed claims represented as a string. - -# Errors -An error is thrown if the claims cannot be represented as a string. - -This error can only occur if the Token was decoded from a detached payload. - -**Kind**: instance method of [DecodedJws](#DecodedJws) - - -### decodedJws.claimsBytes() ⇒ Uint8Array -Return a copy of the parsed claims represented as an array of bytes. - -**Kind**: instance method of [DecodedJws](#DecodedJws) - - -### decodedJws.protectedHeader() ⇒ [JwsHeader](#JwsHeader) -Returns a copy of the protected header. - -**Kind**: instance method of [DecodedJws](#DecodedJws) - - -### decodedJws.clone() ⇒ [DecodedJws](#DecodedJws) -Deep clones the object. - -**Kind**: instance method of [DecodedJws](#DecodedJws) - - -### decodedJws.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [DecodedJws](#DecodedJws) - - -## DecodedJwtCredential -A cryptographically verified and decoded Credential. - -Note that having an instance of this type only means the JWS it was constructed from was verified. -It does not imply anything about a potentially present proof property on the credential itself. - -**Kind**: global class - -* [DecodedJwtCredential](#DecodedJwtCredential) - * [.credential()](#DecodedJwtCredential+credential) ⇒ [Credential](#Credential) - * [.protectedHeader()](#DecodedJwtCredential+protectedHeader) ⇒ [JwsHeader](#JwsHeader) - * [.customClaims()](#DecodedJwtCredential+customClaims) ⇒ Record.<string, any> \| undefined - * [.intoCredential()](#DecodedJwtCredential+intoCredential) ⇒ [Credential](#Credential) - - - -### decodedJwtCredential.credential() ⇒ [Credential](#Credential) -Returns a copy of the credential parsed to the [Verifiable Credentials Data model](https://www.w3.org/TR/vc-data-model/). - -**Kind**: instance method of [DecodedJwtCredential](#DecodedJwtCredential) - - -### decodedJwtCredential.protectedHeader() ⇒ [JwsHeader](#JwsHeader) -Returns a copy of the protected header parsed from the decoded JWS. - -**Kind**: instance method of [DecodedJwtCredential](#DecodedJwtCredential) - - -### decodedJwtCredential.customClaims() ⇒ Record.<string, any> \| undefined -The custom claims parsed from the JWT. - -**Kind**: instance method of [DecodedJwtCredential](#DecodedJwtCredential) - - -### decodedJwtCredential.intoCredential() ⇒ [Credential](#Credential) -Consumes the object and returns the decoded credential. - -### Warning - -This destroys the [DecodedJwtCredential](#DecodedJwtCredential) object. - -**Kind**: instance method of [DecodedJwtCredential](#DecodedJwtCredential) - - -## DecodedJwtPresentation -A cryptographically verified and decoded presentation. - -Note that having an instance of this type only means the JWS it was constructed from was verified. -It does not imply anything about a potentially present proof property on the presentation itself. - -**Kind**: global class - -* [DecodedJwtPresentation](#DecodedJwtPresentation) - * [.presentation()](#DecodedJwtPresentation+presentation) ⇒ [Presentation](#Presentation) - * [.protectedHeader()](#DecodedJwtPresentation+protectedHeader) ⇒ [JwsHeader](#JwsHeader) - * [.intoPresentation()](#DecodedJwtPresentation+intoPresentation) ⇒ [Presentation](#Presentation) - * [.expirationDate()](#DecodedJwtPresentation+expirationDate) ⇒ [Timestamp](#Timestamp) \| undefined - * [.issuanceDate()](#DecodedJwtPresentation+issuanceDate) ⇒ [Timestamp](#Timestamp) \| undefined - * [.audience()](#DecodedJwtPresentation+audience) ⇒ string \| undefined - * [.customClaims()](#DecodedJwtPresentation+customClaims) ⇒ Record.<string, any> \| undefined - - - -### decodedJwtPresentation.presentation() ⇒ [Presentation](#Presentation) -**Kind**: instance method of [DecodedJwtPresentation](#DecodedJwtPresentation) - - -### decodedJwtPresentation.protectedHeader() ⇒ [JwsHeader](#JwsHeader) -Returns a copy of the protected header parsed from the decoded JWS. - -**Kind**: instance method of [DecodedJwtPresentation](#DecodedJwtPresentation) - - -### decodedJwtPresentation.intoPresentation() ⇒ [Presentation](#Presentation) -Consumes the object and returns the decoded presentation. - -### Warning -This destroys the [DecodedJwtPresentation](#DecodedJwtPresentation) object. - -**Kind**: instance method of [DecodedJwtPresentation](#DecodedJwtPresentation) - - -### decodedJwtPresentation.expirationDate() ⇒ [Timestamp](#Timestamp) \| undefined -The expiration date parsed from the JWT claims. - -**Kind**: instance method of [DecodedJwtPresentation](#DecodedJwtPresentation) - - -### decodedJwtPresentation.issuanceDate() ⇒ [Timestamp](#Timestamp) \| undefined -The issuance date parsed from the JWT claims. - -**Kind**: instance method of [DecodedJwtPresentation](#DecodedJwtPresentation) - - -### decodedJwtPresentation.audience() ⇒ string \| undefined -The `aud` property parsed from JWT claims. - -**Kind**: instance method of [DecodedJwtPresentation](#DecodedJwtPresentation) - - -### decodedJwtPresentation.customClaims() ⇒ Record.<string, any> \| undefined -The custom claims parsed from the JWT. - -**Kind**: instance method of [DecodedJwtPresentation](#DecodedJwtPresentation) - - -## Disclosure -Represents an elements constructing a disclosure. -Object properties and array elements disclosures are supported. - -See: https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-07.html#name-disclosures - -**Kind**: global class - -* [Disclosure](#Disclosure) - * [new Disclosure(salt, claim_name, claim_value)](#new_Disclosure_new) - * _instance_ - * [.disclosure()](#Disclosure+disclosure) ⇒ string - * [.toEncodedString()](#Disclosure+toEncodedString) ⇒ string - * [.toString()](#Disclosure+toString) ⇒ string - * [.salt()](#Disclosure+salt) ⇒ string - * [.claimName()](#Disclosure+claimName) ⇒ string \| undefined - * [.claimValue()](#Disclosure+claimValue) ⇒ any - * [.toJSON()](#Disclosure+toJSON) ⇒ any - * _static_ - * [.parse(disclosure)](#Disclosure.parse) ⇒ [Disclosure](#Disclosure) - * [.fromJSON(json)](#Disclosure.fromJSON) ⇒ [Disclosure](#Disclosure) - - - -### new Disclosure(salt, claim_name, claim_value) - -| Param | Type | -| --- | --- | -| salt | string | -| claim_name | string \| undefined | -| claim_value | any | - - - -### disclosure.disclosure() ⇒ string -Returns a copy of the base64url-encoded string. - -**Kind**: instance method of [Disclosure](#Disclosure) - - -### disclosure.toEncodedString() ⇒ string -Returns a copy of the base64url-encoded string. - -**Kind**: instance method of [Disclosure](#Disclosure) - - -### disclosure.toString() ⇒ string -Returns a copy of the base64url-encoded string. - -**Kind**: instance method of [Disclosure](#Disclosure) - - -### disclosure.salt() ⇒ string -Returns a copy of the salt value. - -**Kind**: instance method of [Disclosure](#Disclosure) - - -### disclosure.claimName() ⇒ string \| undefined -Returns a copy of the claim name, optional for array elements. - -**Kind**: instance method of [Disclosure](#Disclosure) - - -### disclosure.claimValue() ⇒ any -Returns a copy of the claim Value which can be of any type. - -**Kind**: instance method of [Disclosure](#Disclosure) - - -### disclosure.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [Disclosure](#Disclosure) - - -### Disclosure.parse(disclosure) ⇒ [Disclosure](#Disclosure) -Parses a Base64 encoded disclosure into a `Disclosure`. - -## Error - -Returns an `InvalidDisclosure` if input is not a valid disclosure. - -**Kind**: static method of [Disclosure](#Disclosure) - -| Param | Type | -| --- | --- | -| disclosure | string | - - - -### Disclosure.fromJSON(json) ⇒ [Disclosure](#Disclosure) -Deserializes an instance from a JSON object. - -**Kind**: static method of [Disclosure](#Disclosure) - -| Param | Type | -| --- | --- | -| json | any | - - - -## DomainLinkageConfiguration -DID Configuration Resource which contains Domain Linkage Credentials. -It can be placed in an origin's `.well-known` directory to prove linkage between the origin and a DID. -See: - -Note: -- Only the [JSON Web Token Proof Format](https://identity.foundation/.well-known/resources/did-configuration/#json-web-token-proof-format) - -**Kind**: global class - -* [DomainLinkageConfiguration](#DomainLinkageConfiguration) - * [new DomainLinkageConfiguration(linkedDids)](#new_DomainLinkageConfiguration_new) - * _instance_ - * [.linkedDids()](#DomainLinkageConfiguration+linkedDids) ⇒ [Array.<Jwt>](#Jwt) - * [.issuers()](#DomainLinkageConfiguration+issuers) ⇒ [Array.<CoreDID>](#CoreDID) - * [.toJSON()](#DomainLinkageConfiguration+toJSON) ⇒ any - * [.clone()](#DomainLinkageConfiguration+clone) ⇒ [DomainLinkageConfiguration](#DomainLinkageConfiguration) - * _static_ - * [.fromJSON(json)](#DomainLinkageConfiguration.fromJSON) ⇒ [DomainLinkageConfiguration](#DomainLinkageConfiguration) - - - -### new DomainLinkageConfiguration(linkedDids) -Constructs a new [DomainLinkageConfiguration](#DomainLinkageConfiguration). - - -| Param | Type | -| --- | --- | -| linkedDids | [Array.<Jwt>](#Jwt) | - - - -### domainLinkageConfiguration.linkedDids() ⇒ [Array.<Jwt>](#Jwt) -List of the Domain Linkage Credentials. - -**Kind**: instance method of [DomainLinkageConfiguration](#DomainLinkageConfiguration) - - -### domainLinkageConfiguration.issuers() ⇒ [Array.<CoreDID>](#CoreDID) -List of the issuers of the Domain Linkage Credentials. - -**Kind**: instance method of [DomainLinkageConfiguration](#DomainLinkageConfiguration) - - -### domainLinkageConfiguration.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [DomainLinkageConfiguration](#DomainLinkageConfiguration) - - -### domainLinkageConfiguration.clone() ⇒ [DomainLinkageConfiguration](#DomainLinkageConfiguration) -Deep clones the object. - -**Kind**: instance method of [DomainLinkageConfiguration](#DomainLinkageConfiguration) - - -### DomainLinkageConfiguration.fromJSON(json) ⇒ [DomainLinkageConfiguration](#DomainLinkageConfiguration) -Deserializes an instance from a JSON object. - -**Kind**: static method of [DomainLinkageConfiguration](#DomainLinkageConfiguration) - -| Param | Type | -| --- | --- | -| json | any | - - - -## Duration -A span of time. - -**Kind**: global class - -* [Duration](#Duration) - * _instance_ - * [.toJSON()](#Duration+toJSON) ⇒ any - * _static_ - * [.seconds(seconds)](#Duration.seconds) ⇒ [Duration](#Duration) - * [.minutes(minutes)](#Duration.minutes) ⇒ [Duration](#Duration) - * [.hours(hours)](#Duration.hours) ⇒ [Duration](#Duration) - * [.days(days)](#Duration.days) ⇒ [Duration](#Duration) - * [.weeks(weeks)](#Duration.weeks) ⇒ [Duration](#Duration) - * [.fromJSON(json)](#Duration.fromJSON) ⇒ [Duration](#Duration) - - - -### duration.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [Duration](#Duration) - - -### Duration.seconds(seconds) ⇒ [Duration](#Duration) -Create a new [Duration](#Duration) with the given number of seconds. - -**Kind**: static method of [Duration](#Duration) - -| Param | Type | -| --- | --- | -| seconds | number | - - - -### Duration.minutes(minutes) ⇒ [Duration](#Duration) -Create a new [Duration](#Duration) with the given number of minutes. - -**Kind**: static method of [Duration](#Duration) - -| Param | Type | -| --- | --- | -| minutes | number | - - - -### Duration.hours(hours) ⇒ [Duration](#Duration) -Create a new [Duration](#Duration) with the given number of hours. - -**Kind**: static method of [Duration](#Duration) - -| Param | Type | -| --- | --- | -| hours | number | - - - -### Duration.days(days) ⇒ [Duration](#Duration) -Create a new [Duration](#Duration) with the given number of days. - -**Kind**: static method of [Duration](#Duration) - -| Param | Type | -| --- | --- | -| days | number | - - - -### Duration.weeks(weeks) ⇒ [Duration](#Duration) -Create a new [Duration](#Duration) with the given number of weeks. - -**Kind**: static method of [Duration](#Duration) - -| Param | Type | -| --- | --- | -| weeks | number | - - - -### Duration.fromJSON(json) ⇒ [Duration](#Duration) -Deserializes an instance from a JSON object. - -**Kind**: static method of [Duration](#Duration) - -| Param | Type | -| --- | --- | -| json | any | - - - -## EdDSAJwsVerifier -An implementor of `IJwsVerifier` that can handle the -`EdDSA` algorithm. - -**Kind**: global class - -* [EdDSAJwsVerifier](#EdDSAJwsVerifier) - * [new EdDSAJwsVerifier()](#new_EdDSAJwsVerifier_new) - * [.verify(alg, signingInput, decodedSignature, publicKey)](#EdDSAJwsVerifier+verify) - - - -### new EdDSAJwsVerifier() -Constructs an EdDSAJwsVerifier. - - - -### edDSAJwsVerifier.verify(alg, signingInput, decodedSignature, publicKey) -Verify a JWS signature secured with the `EdDSA` algorithm. -Only the `Ed25519` curve is supported for now. - -This function is useful when one is building an `IJwsVerifier` that extends the default provided by -the IOTA Identity Framework. - -# Warning - -This function does not check whether `alg = EdDSA` in the protected header. Callers are expected to assert this -prior to calling the function. - -**Kind**: instance method of [EdDSAJwsVerifier](#EdDSAJwsVerifier) - -| Param | Type | -| --- | --- | -| alg | JwsAlgorithm | -| signingInput | Uint8Array | -| decodedSignature | Uint8Array | -| publicKey | [Jwk](#Jwk) | - - - -## IotaDID -A DID conforming to the IOTA DID method specification. - -**Kind**: global class - -* [IotaDID](#IotaDID) - * [new IotaDID(bytes, network)](#new_IotaDID_new) - * _instance_ - * [.network()](#IotaDID+network) ⇒ string - * [.tag()](#IotaDID+tag) ⇒ string - * [.toCoreDid()](#IotaDID+toCoreDid) ⇒ [CoreDID](#CoreDID) - * [.scheme()](#IotaDID+scheme) ⇒ string - * [.authority()](#IotaDID+authority) ⇒ string - * [.method()](#IotaDID+method) ⇒ string - * [.methodId()](#IotaDID+methodId) ⇒ string - * [.join(segment)](#IotaDID+join) ⇒ [DIDUrl](#DIDUrl) - * [.toUrl()](#IotaDID+toUrl) ⇒ [DIDUrl](#DIDUrl) - * [.toAliasId()](#IotaDID+toAliasId) ⇒ string - * [.intoUrl()](#IotaDID+intoUrl) ⇒ [DIDUrl](#DIDUrl) - * [.toString()](#IotaDID+toString) ⇒ string - * [.toJSON()](#IotaDID+toJSON) ⇒ any - * [.clone()](#IotaDID+clone) ⇒ [IotaDID](#IotaDID) - * _static_ - * [.METHOD](#IotaDID.METHOD) ⇒ string - * [.DEFAULT_NETWORK](#IotaDID.DEFAULT_NETWORK) ⇒ string - * [.fromAliasId(aliasId, network)](#IotaDID.fromAliasId) ⇒ [IotaDID](#IotaDID) - * [.placeholder(network)](#IotaDID.placeholder) ⇒ [IotaDID](#IotaDID) - * [.parse(input)](#IotaDID.parse) ⇒ [IotaDID](#IotaDID) - * [.fromJSON(json)](#IotaDID.fromJSON) ⇒ [IotaDID](#IotaDID) - - - -### new IotaDID(bytes, network) -Constructs a new [IotaDID](#IotaDID) from a byte representation of the tag and the given -network name. - -See also [placeholder](#IotaDID.placeholder). - - -| Param | Type | -| --- | --- | -| bytes | Uint8Array | -| network | string | - - - -### did.network() ⇒ string -Returns the Tangle network name of the [IotaDID](#IotaDID). - -**Kind**: instance method of [IotaDID](#IotaDID) - - -### did.tag() ⇒ string -Returns a copy of the unique tag of the [IotaDID](#IotaDID). - -**Kind**: instance method of [IotaDID](#IotaDID) - - -### did.toCoreDid() ⇒ [CoreDID](#CoreDID) -Returns the DID represented as a [CoreDID](#CoreDID). - -**Kind**: instance method of [IotaDID](#IotaDID) - - -### did.scheme() ⇒ string -Returns the `DID` scheme. - -E.g. -- `"did:example:12345678" -> "did"` -- `"did:iota:main:12345678" -> "did"` - -**Kind**: instance method of [IotaDID](#IotaDID) - - -### did.authority() ⇒ string -Returns the `DID` authority: the method name and method-id. - -E.g. -- `"did:example:12345678" -> "example:12345678"` -- `"did:iota:main:12345678" -> "iota:main:12345678"` - -**Kind**: instance method of [IotaDID](#IotaDID) - - -### did.method() ⇒ string -Returns the `DID` method name. - -E.g. -- `"did:example:12345678" -> "example"` -- `"did:iota:main:12345678" -> "iota"` - -**Kind**: instance method of [IotaDID](#IotaDID) - - -### did.methodId() ⇒ string -Returns the `DID` method-specific ID. - -E.g. -- `"did:example:12345678" -> "12345678"` -- `"did:iota:main:12345678" -> "main:12345678"` - -**Kind**: instance method of [IotaDID](#IotaDID) - - -### did.join(segment) ⇒ [DIDUrl](#DIDUrl) -Construct a new [DIDUrl](#DIDUrl) by joining with a relative DID Url string. - -**Kind**: instance method of [IotaDID](#IotaDID) - -| Param | Type | -| --- | --- | -| segment | string | - - - -### did.toUrl() ⇒ [DIDUrl](#DIDUrl) -Clones the `DID` into a [DIDUrl](#DIDUrl). - -**Kind**: instance method of [IotaDID](#IotaDID) - - -### did.toAliasId() ⇒ string -Returns the hex-encoded AliasId with a '0x' prefix, from the DID tag. - -**Kind**: instance method of [IotaDID](#IotaDID) - - -### did.intoUrl() ⇒ [DIDUrl](#DIDUrl) -Converts the `DID` into a [DIDUrl](#DIDUrl), consuming it. - -**Kind**: instance method of [IotaDID](#IotaDID) - - -### did.toString() ⇒ string -Returns the `DID` as a string. - -**Kind**: instance method of [IotaDID](#IotaDID) - - -### did.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [IotaDID](#IotaDID) - - -### did.clone() ⇒ [IotaDID](#IotaDID) -Deep clones the object. - -**Kind**: instance method of [IotaDID](#IotaDID) - - -### IotaDID.METHOD ⇒ string -The IOTA DID method name (`"iota"`). - -**Kind**: static property of [IotaDID](#IotaDID) - - -### IotaDID.DEFAULT\_NETWORK ⇒ string -The default Tangle network (`"iota"`). - -**Kind**: static property of [IotaDID](#IotaDID) - - -### IotaDID.fromAliasId(aliasId, network) ⇒ [IotaDID](#IotaDID) -Constructs a new [IotaDID](#IotaDID) from a hex representation of an Alias Id and the given -network name. - -**Kind**: static method of [IotaDID](#IotaDID) - -| Param | Type | -| --- | --- | -| aliasId | string | -| network | string | - - - -### IotaDID.placeholder(network) ⇒ [IotaDID](#IotaDID) -Creates a new placeholder [IotaDID](#IotaDID) with the given network name. - -E.g. `did:iota:smr:0x0000000000000000000000000000000000000000000000000000000000000000`. - -**Kind**: static method of [IotaDID](#IotaDID) - -| Param | Type | -| --- | --- | -| network | string | - - - -### IotaDID.parse(input) ⇒ [IotaDID](#IotaDID) -Parses a [IotaDID](#IotaDID) from the input string. - -**Kind**: static method of [IotaDID](#IotaDID) - -| Param | Type | -| --- | --- | -| input | string | - - - -### IotaDID.fromJSON(json) ⇒ [IotaDID](#IotaDID) -Deserializes an instance from a JSON object. - -**Kind**: static method of [IotaDID](#IotaDID) - -| Param | Type | -| --- | --- | -| json | any | - - - -## IotaDocument -A DID Document adhering to the IOTA DID method specification. - -Note: All methods that involve reading from this class may potentially raise an error -if the object is being concurrently modified. - -**Kind**: global class - -* [IotaDocument](#IotaDocument) - * [new IotaDocument(network)](#new_IotaDocument_new) - * _instance_ - * [.id()](#IotaDocument+id) ⇒ [IotaDID](#IotaDID) - * [.controller()](#IotaDocument+controller) ⇒ [Array.<IotaDID>](#IotaDID) - * [.setController(controller)](#IotaDocument+setController) - * [.alsoKnownAs()](#IotaDocument+alsoKnownAs) ⇒ Array.<string> - * [.setAlsoKnownAs(urls)](#IotaDocument+setAlsoKnownAs) - * [.properties()](#IotaDocument+properties) ⇒ Map.<string, any> - * [.setPropertyUnchecked(key, value)](#IotaDocument+setPropertyUnchecked) - * [.service()](#IotaDocument+service) ⇒ [Array.<Service>](#Service) - * [.insertService(service)](#IotaDocument+insertService) - * [.removeService(did)](#IotaDocument+removeService) ⇒ [Service](#Service) \| undefined - * [.resolveService(query)](#IotaDocument+resolveService) ⇒ [Service](#Service) \| undefined - * [.methods([scope])](#IotaDocument+methods) ⇒ [Array.<VerificationMethod>](#VerificationMethod) - * [.insertMethod(method, scope)](#IotaDocument+insertMethod) - * [.removeMethod(did)](#IotaDocument+removeMethod) ⇒ [VerificationMethod](#VerificationMethod) \| undefined - * [.resolveMethod(query, [scope])](#IotaDocument+resolveMethod) ⇒ [VerificationMethod](#VerificationMethod) \| undefined - * [.attachMethodRelationship(didUrl, relationship)](#IotaDocument+attachMethodRelationship) ⇒ boolean - * [.detachMethodRelationship(didUrl, relationship)](#IotaDocument+detachMethodRelationship) ⇒ boolean - * [.verifyJws(jws, options, signatureVerifier, [detachedPayload])](#IotaDocument+verifyJws) ⇒ [DecodedJws](#DecodedJws) - * [.pack()](#IotaDocument+pack) ⇒ Uint8Array - * [.packWithEncoding(encoding)](#IotaDocument+packWithEncoding) ⇒ Uint8Array - * [.metadata()](#IotaDocument+metadata) ⇒ [IotaDocumentMetadata](#IotaDocumentMetadata) - * [.metadataCreated()](#IotaDocument+metadataCreated) ⇒ [Timestamp](#Timestamp) \| undefined - * [.setMetadataCreated(timestamp)](#IotaDocument+setMetadataCreated) - * [.metadataUpdated()](#IotaDocument+metadataUpdated) ⇒ [Timestamp](#Timestamp) \| undefined - * [.setMetadataUpdated(timestamp)](#IotaDocument+setMetadataUpdated) - * [.metadataDeactivated()](#IotaDocument+metadataDeactivated) ⇒ boolean \| undefined - * [.setMetadataDeactivated([deactivated])](#IotaDocument+setMetadataDeactivated) - * [.metadataStateControllerAddress()](#IotaDocument+metadataStateControllerAddress) ⇒ string \| undefined - * [.metadataGovernorAddress()](#IotaDocument+metadataGovernorAddress) ⇒ string \| undefined - * [.setMetadataPropertyUnchecked(key, value)](#IotaDocument+setMetadataPropertyUnchecked) - * [.revokeCredentials(serviceQuery, indices)](#IotaDocument+revokeCredentials) - * [.unrevokeCredentials(serviceQuery, indices)](#IotaDocument+unrevokeCredentials) - * [.clone()](#IotaDocument+clone) ⇒ [IotaDocument](#IotaDocument) - * [._shallowCloneInternal()](#IotaDocument+_shallowCloneInternal) ⇒ [IotaDocument](#IotaDocument) - * [._strongCountInternal()](#IotaDocument+_strongCountInternal) ⇒ number - * [.toJSON()](#IotaDocument+toJSON) ⇒ any - * [.toCoreDocument()](#IotaDocument+toCoreDocument) ⇒ [CoreDocument](#CoreDocument) - * [.generateMethod(storage, keyType, alg, fragment, scope)](#IotaDocument+generateMethod) ⇒ Promise.<string> - * [.purgeMethod(storage, id)](#IotaDocument+purgeMethod) ⇒ Promise.<void> - * ~~[.createJwt(storage, fragment, payload, options)](#IotaDocument+createJwt) ⇒ [Promise.<Jws>](#Jws)~~ - * [.createJws(storage, fragment, payload, options)](#IotaDocument+createJws) ⇒ [Promise.<Jws>](#Jws) - * [.createCredentialJwt(storage, fragment, credential, options, [custom_claims])](#IotaDocument+createCredentialJwt) ⇒ [Promise.<Jwt>](#Jwt) - * [.createPresentationJwt(storage, fragment, presentation, signature_options, presentation_options)](#IotaDocument+createPresentationJwt) ⇒ [Promise.<Jwt>](#Jwt) - * [.generateMethodJwp(storage, alg, fragment, scope)](#IotaDocument+generateMethodJwp) ⇒ Promise.<string> - * [.createIssuedJwp(storage, fragment, jpt_claims, options)](#IotaDocument+createIssuedJwp) ⇒ Promise.<string> - * [.createPresentedJwp(presentation, method_id, options)](#IotaDocument+createPresentedJwp) ⇒ Promise.<string> - * [.createCredentialJpt(credential, storage, fragment, options, [custom_claims])](#IotaDocument+createCredentialJpt) ⇒ [Promise.<Jpt>](#Jpt) - * [.createPresentationJpt(presentation, method_id, options)](#IotaDocument+createPresentationJpt) ⇒ [Promise.<Jpt>](#Jpt) - * _static_ - * [.newWithId(id)](#IotaDocument.newWithId) ⇒ [IotaDocument](#IotaDocument) - * [.unpackFromOutput(did, aliasOutput, allowEmpty)](#IotaDocument.unpackFromOutput) ⇒ [IotaDocument](#IotaDocument) - * [.unpackFromBlock(network, block)](#IotaDocument.unpackFromBlock) ⇒ [Array.<IotaDocument>](#IotaDocument) - * [.fromJSON(json)](#IotaDocument.fromJSON) ⇒ [IotaDocument](#IotaDocument) - - - -### new IotaDocument(network) -Constructs an empty IOTA DID Document with a [placeholder](#IotaDID.placeholder) identifier -for the given `network`. - - -| Param | Type | -| --- | --- | -| network | string | - - - -### iotaDocument.id() ⇒ [IotaDID](#IotaDID) -Returns a copy of the DID Document `id`. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - - -### iotaDocument.controller() ⇒ [Array.<IotaDID>](#IotaDID) -Returns a copy of the list of document controllers. - -NOTE: controllers are determined by the `state_controller` unlock condition of the output -during resolution and are omitted when publishing. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - - -### iotaDocument.setController(controller) -Sets the controllers of the document. - -Note: Duplicates will be ignored. -Use `null` to remove all controllers. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| controller | [Array.<IotaDID>](#IotaDID) \| null | - - - -### iotaDocument.alsoKnownAs() ⇒ Array.<string> -Returns a copy of the document's `alsoKnownAs` set. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - - -### iotaDocument.setAlsoKnownAs(urls) -Sets the `alsoKnownAs` property in the DID document. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| urls | string \| Array.<string> \| null | - - - -### iotaDocument.properties() ⇒ Map.<string, any> -Returns a copy of the custom DID Document properties. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - - -### iotaDocument.setPropertyUnchecked(key, value) -Sets a custom property in the DID Document. -If the value is set to `null`, the custom property will be removed. - -### WARNING - -This method can overwrite existing properties like `id` and result in an invalid document. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| key | string | -| value | any | - - - -### iotaDocument.service() ⇒ [Array.<Service>](#Service) -Return a set of all [Service](#Service) in the document. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - - -### iotaDocument.insertService(service) -Add a new [Service](#Service) to the document. - -Returns `true` if the service was added. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| service | [Service](#Service) | - - - -### iotaDocument.removeService(did) ⇒ [Service](#Service) \| undefined -Remove a [Service](#Service) identified by the given [DIDUrl](#DIDUrl) from the document. - -Returns `true` if a service was removed. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| did | [DIDUrl](#DIDUrl) | - - - -### iotaDocument.resolveService(query) ⇒ [Service](#Service) \| undefined -Returns the first [Service](#Service) with an `id` property matching the provided `query`, -if present. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| query | [DIDUrl](#DIDUrl) \| string | - - - -### iotaDocument.methods([scope]) ⇒ [Array.<VerificationMethod>](#VerificationMethod) -Returns a list of all [VerificationMethod](#VerificationMethod) in the DID Document, -whose verification relationship matches `scope`. - -If `scope` is not set, a list over the **embedded** methods is returned. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| [scope] | [MethodScope](#MethodScope) \| undefined | - - - -### iotaDocument.insertMethod(method, scope) -Adds a new `method` to the document in the given `scope`. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| method | [VerificationMethod](#VerificationMethod) | -| scope | [MethodScope](#MethodScope) | - - - -### iotaDocument.removeMethod(did) ⇒ [VerificationMethod](#VerificationMethod) \| undefined -Removes all references to the specified Verification Method. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| did | [DIDUrl](#DIDUrl) | - - - -### iotaDocument.resolveMethod(query, [scope]) ⇒ [VerificationMethod](#VerificationMethod) \| undefined -Returns a copy of the first verification method with an `id` property -matching the provided `query` and the verification relationship -specified by `scope`, if present. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| query | [DIDUrl](#DIDUrl) \| string | -| [scope] | [MethodScope](#MethodScope) \| undefined | - - - -### iotaDocument.attachMethodRelationship(didUrl, relationship) ⇒ boolean -Attaches the relationship to the given method, if the method exists. - -Note: The method needs to be in the set of verification methods, -so it cannot be an embedded one. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| didUrl | [DIDUrl](#DIDUrl) | -| relationship | [MethodRelationship](#MethodRelationship) | - - - -### iotaDocument.detachMethodRelationship(didUrl, relationship) ⇒ boolean -Detaches the given relationship from the given method, if the method exists. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| didUrl | [DIDUrl](#DIDUrl) | -| relationship | [MethodRelationship](#MethodRelationship) | - - - -### iotaDocument.verifyJws(jws, options, signatureVerifier, [detachedPayload]) ⇒ [DecodedJws](#DecodedJws) -Decodes and verifies the provided JWS according to the passed `options` and `signatureVerifier`. - If no `signatureVerifier` argument is provided a default verifier will be used that is (only) capable of -verifying EdDSA signatures. - -Regardless of which options are passed the following conditions must be met in order for a verification attempt to -take place. -- The JWS must be encoded according to the JWS compact serialization. -- The `kid` value in the protected header must be an identifier of a verification method in this DID document. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| jws | [Jws](#Jws) | -| options | [JwsVerificationOptions](#JwsVerificationOptions) | -| signatureVerifier | IJwsVerifier | -| [detachedPayload] | string \| undefined | - - - -### iotaDocument.pack() ⇒ Uint8Array -Serializes the document for inclusion in an Alias Output's state metadata -with the default [StateMetadataEncoding](#StateMetadataEncoding). - -**Kind**: instance method of [IotaDocument](#IotaDocument) - - -### iotaDocument.packWithEncoding(encoding) ⇒ Uint8Array -Serializes the document for inclusion in an Alias Output's state metadata. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| encoding | [StateMetadataEncoding](#StateMetadataEncoding) | - - - -### iotaDocument.metadata() ⇒ [IotaDocumentMetadata](#IotaDocumentMetadata) -Returns a copy of the metadata associated with this document. - -NOTE: Copies all the metadata. See also `metadataCreated`, `metadataUpdated`, -`metadataPreviousMessageId`, `metadataProof` if only a subset of the metadata required. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - - -### iotaDocument.metadataCreated() ⇒ [Timestamp](#Timestamp) \| undefined -Returns a copy of the timestamp of when the DID document was created. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - - -### iotaDocument.setMetadataCreated(timestamp) -Sets the timestamp of when the DID document was created. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| timestamp | [Timestamp](#Timestamp) \| undefined | - - - -### iotaDocument.metadataUpdated() ⇒ [Timestamp](#Timestamp) \| undefined -Returns a copy of the timestamp of the last DID document update. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - - -### iotaDocument.setMetadataUpdated(timestamp) -Sets the timestamp of the last DID document update. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| timestamp | [Timestamp](#Timestamp) \| undefined | - - - -### iotaDocument.metadataDeactivated() ⇒ boolean \| undefined -Returns a copy of the deactivated status of the DID document. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - - -### iotaDocument.setMetadataDeactivated([deactivated]) -Sets the deactivated status of the DID document. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| [deactivated] | boolean \| undefined | - - - -### iotaDocument.metadataStateControllerAddress() ⇒ string \| undefined -Returns a copy of the Bech32-encoded state controller address, if present. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - - -### iotaDocument.metadataGovernorAddress() ⇒ string \| undefined -Returns a copy of the Bech32-encoded governor address, if present. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - - -### iotaDocument.setMetadataPropertyUnchecked(key, value) -Sets a custom property in the document metadata. -If the value is set to `null`, the custom property will be removed. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| key | string | -| value | any | - - - -### iotaDocument.revokeCredentials(serviceQuery, indices) -If the document has a [RevocationBitmap](#RevocationBitmap) service identified by `serviceQuery`, -revoke all specified `indices`. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| serviceQuery | [DIDUrl](#DIDUrl) \| string | -| indices | number \| Array.<number> | - - - -### iotaDocument.unrevokeCredentials(serviceQuery, indices) -If the document has a [RevocationBitmap](#RevocationBitmap) service identified by `serviceQuery`, -unrevoke all specified `indices`. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| serviceQuery | [DIDUrl](#DIDUrl) \| string | -| indices | number \| Array.<number> | - - - -### iotaDocument.clone() ⇒ [IotaDocument](#IotaDocument) -Returns a deep clone of the [IotaDocument](#IotaDocument). - -**Kind**: instance method of [IotaDocument](#IotaDocument) - - -### iotaDocument.\_shallowCloneInternal() ⇒ [IotaDocument](#IotaDocument) -### Warning -This is for internal use only. Do not rely on or call this method. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - - -### iotaDocument.\_strongCountInternal() ⇒ number -### Warning -This is for internal use only. Do not rely on or call this method. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - - -### iotaDocument.toJSON() ⇒ any -Serializes to a plain JS representation. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - - -### iotaDocument.toCoreDocument() ⇒ [CoreDocument](#CoreDocument) -Transforms the [IotaDocument](#IotaDocument) to its [CoreDocument](#CoreDocument) representation. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - - -### iotaDocument.generateMethod(storage, keyType, alg, fragment, scope) ⇒ Promise.<string> -Generate new key material in the given `storage` and insert a new verification method with the corresponding -public key material into the DID document. - -- If no fragment is given the `kid` of the generated JWK is used, if it is set, otherwise an error is returned. -- The `keyType` must be compatible with the given `storage`. `Storage`s are expected to export key type constants -for that use case. - -The fragment of the generated method is returned. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| storage | [Storage](#Storage) | -| keyType | string | -| alg | JwsAlgorithm | -| fragment | string \| undefined | -| scope | [MethodScope](#MethodScope) | - - - -### iotaDocument.purgeMethod(storage, id) ⇒ Promise.<void> -Remove the method identified by the given fragment from the document and delete the corresponding key material in -the given `storage`. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| storage | [Storage](#Storage) | -| id | [DIDUrl](#DIDUrl) | - - - -### ~~iotaDocument.createJwt(storage, fragment, payload, options) ⇒ [Promise.<Jws>](#Jws)~~ -***Deprecated*** - -Sign the `payload` according to `options` with the storage backed private key corresponding to the public key -material in the verification method identified by the given `fragment. - -Upon success a string representing a JWS encoded according to the Compact JWS Serialization format is returned. -See [RFC7515 section 3.1](https://www.rfc-editor.org/rfc/rfc7515#section-3.1). - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| storage | [Storage](#Storage) | -| fragment | string | -| payload | string | -| options | [JwsSignatureOptions](#JwsSignatureOptions) | - - - -### iotaDocument.createJws(storage, fragment, payload, options) ⇒ [Promise.<Jws>](#Jws) -Sign the `payload` according to `options` with the storage backed private key corresponding to the public key -material in the verification method identified by the given `fragment. - -Upon success a string representing a JWS encoded according to the Compact JWS Serialization format is returned. -See [RFC7515 section 3.1](https://www.rfc-editor.org/rfc/rfc7515#section-3.1). - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| storage | [Storage](#Storage) | -| fragment | string | -| payload | string | -| options | [JwsSignatureOptions](#JwsSignatureOptions) | - - - -### iotaDocument.createCredentialJwt(storage, fragment, credential, options, [custom_claims]) ⇒ [Promise.<Jwt>](#Jwt) -Produces a JWS where the payload is produced from the given `credential` -in accordance with [VC Data Model v1.1](https://www.w3.org/TR/vc-data-model/#json-web-token). - -Unless the `kid` is explicitly set in the options, the `kid` in the protected header is the `id` -of the method identified by `fragment` and the JWS signature will be produced by the corresponding -private key backed by the `storage` in accordance with the passed `options`. - -The `custom_claims` can be used to set additional claims on the resulting JWT. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| storage | [Storage](#Storage) | -| fragment | string | -| credential | [Credential](#Credential) | -| options | [JwsSignatureOptions](#JwsSignatureOptions) | -| [custom_claims] | Record.<string, any> \| undefined | - - - -### iotaDocument.createPresentationJwt(storage, fragment, presentation, signature_options, presentation_options) ⇒ [Promise.<Jwt>](#Jwt) -Produces a JWT where the payload is produced from the given presentation. -in accordance with [VC Data Model v1.1](https://www.w3.org/TR/vc-data-model/#json-web-token). - -Unless the `kid` is explicitly set in the options, the `kid` in the protected header is the `id` -of the method identified by `fragment` and the JWS signature will be produced by the corresponding -private key backed by the `storage` in accordance with the passed `options`. - -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| storage | [Storage](#Storage) | -| fragment | string | -| presentation | [Presentation](#Presentation) | -| signature_options | [JwsSignatureOptions](#JwsSignatureOptions) | -| presentation_options | [JwtPresentationOptions](#JwtPresentationOptions) | - - - -### iotaDocument.generateMethodJwp(storage, alg, fragment, scope) ⇒ Promise.<string> -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| storage | [Storage](#Storage) | -| alg | [ProofAlgorithm](#ProofAlgorithm) | -| fragment | string \| undefined | -| scope | [MethodScope](#MethodScope) | - - - -### iotaDocument.createIssuedJwp(storage, fragment, jpt_claims, options) ⇒ Promise.<string> -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| storage | [Storage](#Storage) | -| fragment | string | -| jpt_claims | JptClaims | -| options | [JwpCredentialOptions](#JwpCredentialOptions) | - - - -### iotaDocument.createPresentedJwp(presentation, method_id, options) ⇒ Promise.<string> -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| presentation | [SelectiveDisclosurePresentation](#SelectiveDisclosurePresentation) | -| method_id | string | -| options | [JwpPresentationOptions](#JwpPresentationOptions) | - - - -### iotaDocument.createCredentialJpt(credential, storage, fragment, options, [custom_claims]) ⇒ [Promise.<Jpt>](#Jpt) -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| credential | [Credential](#Credential) | -| storage | [Storage](#Storage) | -| fragment | string | -| options | [JwpCredentialOptions](#JwpCredentialOptions) | -| [custom_claims] | Map.<string, any> \| undefined | - - - -### iotaDocument.createPresentationJpt(presentation, method_id, options) ⇒ [Promise.<Jpt>](#Jpt) -**Kind**: instance method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| presentation | [SelectiveDisclosurePresentation](#SelectiveDisclosurePresentation) | -| method_id | string | -| options | [JwpPresentationOptions](#JwpPresentationOptions) | - - - -### IotaDocument.newWithId(id) ⇒ [IotaDocument](#IotaDocument) -Constructs an empty DID Document with the given identifier. - -**Kind**: static method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| id | [IotaDID](#IotaDID) | - - - -### IotaDocument.unpackFromOutput(did, aliasOutput, allowEmpty) ⇒ [IotaDocument](#IotaDocument) -Deserializes the document from an Alias Output. - -If `allowEmpty` is true, this will return an empty DID document marked as `deactivated` -if `stateMetadata` is empty. - -The `tokenSupply` must be equal to the token supply of the network the DID is associated with. - -NOTE: `did` is required since it is omitted from the serialized DID Document and -cannot be inferred from the state metadata. It also indicates the network, which is not -encoded in the `AliasId` alone. - -**Kind**: static method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| did | [IotaDID](#IotaDID) | -| aliasOutput | AliasOutputBuilderParams | -| allowEmpty | boolean | - - - -### IotaDocument.unpackFromBlock(network, block) ⇒ [Array.<IotaDocument>](#IotaDocument) -Returns all DID documents of the Alias Outputs contained in the block's transaction payload -outputs, if any. - -Errors if any Alias Output does not contain a valid or empty DID Document. - -**Kind**: static method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| network | string | -| block | Block | - - - -### IotaDocument.fromJSON(json) ⇒ [IotaDocument](#IotaDocument) -Deserializes an instance from a plain JS representation. - -**Kind**: static method of [IotaDocument](#IotaDocument) - -| Param | Type | -| --- | --- | -| json | any | - - - -## IotaDocumentMetadata -Additional attributes related to an IOTA DID Document. - -**Kind**: global class - -* [IotaDocumentMetadata](#IotaDocumentMetadata) - * _instance_ - * [.created()](#IotaDocumentMetadata+created) ⇒ [Timestamp](#Timestamp) \| undefined - * [.updated()](#IotaDocumentMetadata+updated) ⇒ [Timestamp](#Timestamp) \| undefined - * [.deactivated()](#IotaDocumentMetadata+deactivated) ⇒ boolean \| undefined - * [.stateControllerAddress()](#IotaDocumentMetadata+stateControllerAddress) ⇒ string \| undefined - * [.governorAddress()](#IotaDocumentMetadata+governorAddress) ⇒ string \| undefined - * [.properties()](#IotaDocumentMetadata+properties) ⇒ Map.<string, any> - * [.toJSON()](#IotaDocumentMetadata+toJSON) ⇒ any - * [.clone()](#IotaDocumentMetadata+clone) ⇒ [IotaDocumentMetadata](#IotaDocumentMetadata) - * _static_ - * [.fromJSON(json)](#IotaDocumentMetadata.fromJSON) ⇒ [IotaDocumentMetadata](#IotaDocumentMetadata) - - - -### iotaDocumentMetadata.created() ⇒ [Timestamp](#Timestamp) \| undefined -Returns a copy of the timestamp of when the DID document was created. - -**Kind**: instance method of [IotaDocumentMetadata](#IotaDocumentMetadata) - - -### iotaDocumentMetadata.updated() ⇒ [Timestamp](#Timestamp) \| undefined -Returns a copy of the timestamp of the last DID document update. - -**Kind**: instance method of [IotaDocumentMetadata](#IotaDocumentMetadata) - - -### iotaDocumentMetadata.deactivated() ⇒ boolean \| undefined -Returns a copy of the deactivated status of the DID document. - -**Kind**: instance method of [IotaDocumentMetadata](#IotaDocumentMetadata) - - -### iotaDocumentMetadata.stateControllerAddress() ⇒ string \| undefined -Returns a copy of the Bech32-encoded state controller address, if present. - -**Kind**: instance method of [IotaDocumentMetadata](#IotaDocumentMetadata) - - -### iotaDocumentMetadata.governorAddress() ⇒ string \| undefined -Returns a copy of the Bech32-encoded governor address, if present. - -**Kind**: instance method of [IotaDocumentMetadata](#IotaDocumentMetadata) - - -### iotaDocumentMetadata.properties() ⇒ Map.<string, any> -Returns a copy of the custom metadata properties. - -**Kind**: instance method of [IotaDocumentMetadata](#IotaDocumentMetadata) - - -### iotaDocumentMetadata.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [IotaDocumentMetadata](#IotaDocumentMetadata) - - -### iotaDocumentMetadata.clone() ⇒ [IotaDocumentMetadata](#IotaDocumentMetadata) -Deep clones the object. - -**Kind**: instance method of [IotaDocumentMetadata](#IotaDocumentMetadata) - - -### IotaDocumentMetadata.fromJSON(json) ⇒ [IotaDocumentMetadata](#IotaDocumentMetadata) -Deserializes an instance from a JSON object. - -**Kind**: static method of [IotaDocumentMetadata](#IotaDocumentMetadata) - -| Param | Type | -| --- | --- | -| json | any | - - - -## IotaIdentityClientExt -An extension interface that provides helper functions for publication -and resolution of DID documents in Alias Outputs. - -**Kind**: global class - -* [IotaIdentityClientExt](#IotaIdentityClientExt) - * [.newDidOutput(client, address, document, [rentStructure])](#IotaIdentityClientExt.newDidOutput) ⇒ Promise.<AliasOutputBuilderParams> - * [.updateDidOutput(client, document)](#IotaIdentityClientExt.updateDidOutput) ⇒ Promise.<AliasOutputBuilderParams> - * [.deactivateDidOutput(client, did)](#IotaIdentityClientExt.deactivateDidOutput) ⇒ Promise.<AliasOutputBuilderParams> - * [.resolveDid(client, did)](#IotaIdentityClientExt.resolveDid) ⇒ [Promise.<IotaDocument>](#IotaDocument) - * [.resolveDidOutput(client, did)](#IotaIdentityClientExt.resolveDidOutput) ⇒ Promise.<AliasOutputBuilderParams> - - - -### IotaIdentityClientExt.newDidOutput(client, address, document, [rentStructure]) ⇒ Promise.<AliasOutputBuilderParams> -Create a DID with a new Alias Output containing the given `document`. - -The `address` will be set as the state controller and governor unlock conditions. -The minimum required token deposit amount will be set according to the given -`rent_structure`, which will be fetched from the node if not provided. -The returned Alias Output can be further customised before publication, if desired. - -NOTE: this does *not* publish the Alias Output. - -**Kind**: static method of [IotaIdentityClientExt](#IotaIdentityClientExt) - -| Param | Type | -| --- | --- | -| client | IIotaIdentityClient | -| address | Address | -| document | [IotaDocument](#IotaDocument) | -| [rentStructure] | IRent \| undefined | - - - -### IotaIdentityClientExt.updateDidOutput(client, document) ⇒ Promise.<AliasOutputBuilderParams> -Fetches the associated Alias Output and updates it with `document` in its state metadata. -The storage deposit on the output is left unchanged. If the size of the document increased, -the amount should be increased manually. - -NOTE: this does *not* publish the updated Alias Output. - -**Kind**: static method of [IotaIdentityClientExt](#IotaIdentityClientExt) - -| Param | Type | -| --- | --- | -| client | IIotaIdentityClient | -| document | [IotaDocument](#IotaDocument) | - - - -### IotaIdentityClientExt.deactivateDidOutput(client, did) ⇒ Promise.<AliasOutputBuilderParams> -Removes the DID document from the state metadata of its Alias Output, -effectively deactivating it. The storage deposit on the output is left unchanged, -and should be reallocated manually. - -Deactivating does not destroy the output. Hence, it can be re-activated by publishing -an update containing a DID document. - -NOTE: this does *not* publish the updated Alias Output. - -**Kind**: static method of [IotaIdentityClientExt](#IotaIdentityClientExt) - -| Param | Type | -| --- | --- | -| client | IIotaIdentityClient | -| did | [IotaDID](#IotaDID) | - - - -### IotaIdentityClientExt.resolveDid(client, did) ⇒ [Promise.<IotaDocument>](#IotaDocument) -Resolve a [IotaDocument](#IotaDocument). Returns an empty, deactivated document if the state metadata -of the Alias Output is empty. - -**Kind**: static method of [IotaIdentityClientExt](#IotaIdentityClientExt) - -| Param | Type | -| --- | --- | -| client | IIotaIdentityClient | -| did | [IotaDID](#IotaDID) | - - - -### IotaIdentityClientExt.resolveDidOutput(client, did) ⇒ Promise.<AliasOutputBuilderParams> -Fetches the `IAliasOutput` associated with the given DID. - -**Kind**: static method of [IotaIdentityClientExt](#IotaIdentityClientExt) - -| Param | Type | -| --- | --- | -| client | IIotaIdentityClient | -| did | [IotaDID](#IotaDID) | - - - -## IssuerProtectedHeader -**Kind**: global class - -* [IssuerProtectedHeader](#IssuerProtectedHeader) - * [.typ](#IssuerProtectedHeader+typ) ⇒ string \| undefined - * [.typ](#IssuerProtectedHeader+typ) - * [.alg](#IssuerProtectedHeader+alg) ⇒ [ProofAlgorithm](#ProofAlgorithm) - * [.alg](#IssuerProtectedHeader+alg) - * [.kid](#IssuerProtectedHeader+kid) ⇒ string \| undefined - * [.kid](#IssuerProtectedHeader+kid) - * [.cid](#IssuerProtectedHeader+cid) ⇒ string \| undefined - * [.cid](#IssuerProtectedHeader+cid) - * [.claims()](#IssuerProtectedHeader+claims) ⇒ Array.<string> - - - -### issuerProtectedHeader.typ ⇒ string \| undefined -JWP type (JPT). - -**Kind**: instance property of [IssuerProtectedHeader](#IssuerProtectedHeader) - - -### issuerProtectedHeader.typ -JWP type (JPT). - -**Kind**: instance property of [IssuerProtectedHeader](#IssuerProtectedHeader) - -| Param | Type | -| --- | --- | -| [arg0] | string \| undefined | - - - -### issuerProtectedHeader.alg ⇒ [ProofAlgorithm](#ProofAlgorithm) -Algorithm used for the JWP. - -**Kind**: instance property of [IssuerProtectedHeader](#IssuerProtectedHeader) - - -### issuerProtectedHeader.alg -Algorithm used for the JWP. - -**Kind**: instance property of [IssuerProtectedHeader](#IssuerProtectedHeader) - -| Param | Type | -| --- | --- | -| arg0 | [ProofAlgorithm](#ProofAlgorithm) | - - - -### issuerProtectedHeader.kid ⇒ string \| undefined -ID for the key used for the JWP. - -**Kind**: instance property of [IssuerProtectedHeader](#IssuerProtectedHeader) - - -### issuerProtectedHeader.kid -ID for the key used for the JWP. - -**Kind**: instance property of [IssuerProtectedHeader](#IssuerProtectedHeader) - -| Param | Type | -| --- | --- | -| [arg0] | string \| undefined | - - - -### issuerProtectedHeader.cid ⇒ string \| undefined -Not handled for now. Will be used in the future to resolve external claims - -**Kind**: instance property of [IssuerProtectedHeader](#IssuerProtectedHeader) - - -### issuerProtectedHeader.cid -Not handled for now. Will be used in the future to resolve external claims - -**Kind**: instance property of [IssuerProtectedHeader](#IssuerProtectedHeader) - -| Param | Type | -| --- | --- | -| [arg0] | string \| undefined | - - - -### issuerProtectedHeader.claims() ⇒ Array.<string> -**Kind**: instance method of [IssuerProtectedHeader](#IssuerProtectedHeader) - - -## Jpt -A JSON Proof Token (JPT). - -**Kind**: global class - -* [Jpt](#Jpt) - * [new Jpt(jpt_string)](#new_Jpt_new) - * [.toString()](#Jpt+toString) ⇒ string - * [.clone()](#Jpt+clone) ⇒ [Jpt](#Jpt) - - - -### new Jpt(jpt_string) -Creates a new [Jpt](#Jpt). - - -| Param | Type | -| --- | --- | -| jpt_string | string | - - - -### jpt.toString() ⇒ string -**Kind**: instance method of [Jpt](#Jpt) - - -### jpt.clone() ⇒ [Jpt](#Jpt) -Deep clones the object. - -**Kind**: instance method of [Jpt](#Jpt) - - -## JptCredentialValidationOptions -Options to declare validation criteria for [Jpt](#Jpt). - -**Kind**: global class - -* [JptCredentialValidationOptions](#JptCredentialValidationOptions) - * [new JptCredentialValidationOptions([opts])](#new_JptCredentialValidationOptions_new) - * _instance_ - * [.clone()](#JptCredentialValidationOptions+clone) ⇒ [JptCredentialValidationOptions](#JptCredentialValidationOptions) - * [.toJSON()](#JptCredentialValidationOptions+toJSON) ⇒ any - * _static_ - * [.fromJSON(json)](#JptCredentialValidationOptions.fromJSON) ⇒ [JptCredentialValidationOptions](#JptCredentialValidationOptions) - - - -### new JptCredentialValidationOptions([opts]) -Creates a new default istance. - - -| Param | Type | -| --- | --- | -| [opts] | IJptCredentialValidationOptions \| undefined | - - - -### jptCredentialValidationOptions.clone() ⇒ [JptCredentialValidationOptions](#JptCredentialValidationOptions) -Deep clones the object. - -**Kind**: instance method of [JptCredentialValidationOptions](#JptCredentialValidationOptions) - - -### jptCredentialValidationOptions.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [JptCredentialValidationOptions](#JptCredentialValidationOptions) - - -### JptCredentialValidationOptions.fromJSON(json) ⇒ [JptCredentialValidationOptions](#JptCredentialValidationOptions) -Deserializes an instance from a JSON object. - -**Kind**: static method of [JptCredentialValidationOptions](#JptCredentialValidationOptions) - -| Param | Type | -| --- | --- | -| json | any | - - - -## JptCredentialValidator -**Kind**: global class - - -### JptCredentialValidator.validate(credential_jpt, issuer, options, fail_fast) ⇒ [DecodedJptCredential](#DecodedJptCredential) -**Kind**: static method of [JptCredentialValidator](#JptCredentialValidator) - -| Param | Type | -| --- | --- | -| credential_jpt | [Jpt](#Jpt) | -| issuer | [CoreDocument](#CoreDocument) \| IToCoreDocument | -| options | [JptCredentialValidationOptions](#JptCredentialValidationOptions) | -| fail_fast | [FailFast](#FailFast) | - - - -## JptCredentialValidatorUtils -Utility functions for validating JPT credentials. - -**Kind**: global class - -* [JptCredentialValidatorUtils](#JptCredentialValidatorUtils) - * [.extractIssuer(credential)](#JptCredentialValidatorUtils.extractIssuer) ⇒ [CoreDID](#CoreDID) - * [.extractIssuerFromIssuedJpt(credential)](#JptCredentialValidatorUtils.extractIssuerFromIssuedJpt) ⇒ [CoreDID](#CoreDID) - * [.checkTimeframesWithValidityTimeframe2024(credential, validity_timeframe, status_check)](#JptCredentialValidatorUtils.checkTimeframesWithValidityTimeframe2024) - * [.checkRevocationWithValidityTimeframe2024(credential, issuer, status_check)](#JptCredentialValidatorUtils.checkRevocationWithValidityTimeframe2024) - * [.checkTimeframesAndRevocationWithValidityTimeframe2024(credential, issuer, validity_timeframe, status_check)](#JptCredentialValidatorUtils.checkTimeframesAndRevocationWithValidityTimeframe2024) - - - -### JptCredentialValidatorUtils.extractIssuer(credential) ⇒ [CoreDID](#CoreDID) -Utility for extracting the issuer field of a [Credential](#Credential) as a DID. -# Errors -Fails if the issuer field is not a valid DID. - -**Kind**: static method of [JptCredentialValidatorUtils](#JptCredentialValidatorUtils) - -| Param | Type | -| --- | --- | -| credential | [Credential](#Credential) | - - - -### JptCredentialValidatorUtils.extractIssuerFromIssuedJpt(credential) ⇒ [CoreDID](#CoreDID) -Utility for extracting the issuer field of a credential in JPT representation as DID. -# Errors -If the JPT decoding fails or the issuer field is not a valid DID. - -**Kind**: static method of [JptCredentialValidatorUtils](#JptCredentialValidatorUtils) - -| Param | Type | -| --- | --- | -| credential | [Jpt](#Jpt) | - - - -### JptCredentialValidatorUtils.checkTimeframesWithValidityTimeframe2024(credential, validity_timeframe, status_check) -**Kind**: static method of [JptCredentialValidatorUtils](#JptCredentialValidatorUtils) - -| Param | Type | -| --- | --- | -| credential | [Credential](#Credential) | -| validity_timeframe | [Timestamp](#Timestamp) \| undefined | -| status_check | [StatusCheck](#StatusCheck) | - - - -### JptCredentialValidatorUtils.checkRevocationWithValidityTimeframe2024(credential, issuer, status_check) -Checks whether the credential status has been revoked. - -Only supports `RevocationTimeframe2024`. - -**Kind**: static method of [JptCredentialValidatorUtils](#JptCredentialValidatorUtils) - -| Param | Type | -| --- | --- | -| credential | [Credential](#Credential) | -| issuer | [CoreDocument](#CoreDocument) \| IToCoreDocument | -| status_check | [StatusCheck](#StatusCheck) | - - - -### JptCredentialValidatorUtils.checkTimeframesAndRevocationWithValidityTimeframe2024(credential, issuer, validity_timeframe, status_check) -Checks whether the credential status has been revoked or the timeframe interval is INVALID - -Only supports `RevocationTimeframe2024`. - -**Kind**: static method of [JptCredentialValidatorUtils](#JptCredentialValidatorUtils) - -| Param | Type | -| --- | --- | -| credential | [Credential](#Credential) | -| issuer | [CoreDocument](#CoreDocument) \| IToCoreDocument | -| validity_timeframe | [Timestamp](#Timestamp) \| undefined | -| status_check | [StatusCheck](#StatusCheck) | - - - -## JptPresentationValidationOptions -Options to declare validation criteria for a [Jpt](#Jpt) presentation. - -**Kind**: global class - -* [JptPresentationValidationOptions](#JptPresentationValidationOptions) - * [new JptPresentationValidationOptions([opts])](#new_JptPresentationValidationOptions_new) - * _instance_ - * [.clone()](#JptPresentationValidationOptions+clone) ⇒ [JptPresentationValidationOptions](#JptPresentationValidationOptions) - * [.toJSON()](#JptPresentationValidationOptions+toJSON) ⇒ any - * _static_ - * [.fromJSON(json)](#JptPresentationValidationOptions.fromJSON) ⇒ [JptPresentationValidationOptions](#JptPresentationValidationOptions) - - - -### new JptPresentationValidationOptions([opts]) - -| Param | Type | -| --- | --- | -| [opts] | IJptPresentationValidationOptions \| undefined | - - - -### jptPresentationValidationOptions.clone() ⇒ [JptPresentationValidationOptions](#JptPresentationValidationOptions) -Deep clones the object. - -**Kind**: instance method of [JptPresentationValidationOptions](#JptPresentationValidationOptions) - - -### jptPresentationValidationOptions.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [JptPresentationValidationOptions](#JptPresentationValidationOptions) - - -### JptPresentationValidationOptions.fromJSON(json) ⇒ [JptPresentationValidationOptions](#JptPresentationValidationOptions) -Deserializes an instance from a JSON object. - -**Kind**: static method of [JptPresentationValidationOptions](#JptPresentationValidationOptions) - -| Param | Type | -| --- | --- | -| json | any | - - - -## JptPresentationValidator -**Kind**: global class - - -### JptPresentationValidator.validate(presentation_jpt, issuer, options, fail_fast) ⇒ [DecodedJptPresentation](#DecodedJptPresentation) -Decodes and validates a Presented [Credential](#Credential) issued as a JPT (JWP Presented Form). A -[DecodedJptPresentation](#DecodedJptPresentation) is returned upon success. - -The following properties are validated according to `options`: -- the holder's proof on the JWP, -- the expiration date, -- the issuance date, -- the semantic structure. - -**Kind**: static method of [JptPresentationValidator](#JptPresentationValidator) - -| Param | Type | -| --- | --- | -| presentation_jpt | [Jpt](#Jpt) | -| issuer | [CoreDocument](#CoreDocument) \| IToCoreDocument | -| options | [JptPresentationValidationOptions](#JptPresentationValidationOptions) | -| fail_fast | [FailFast](#FailFast) | - - - -## JptPresentationValidatorUtils -Utility functions for verifying JPT presentations. - -**Kind**: global class - -* [JptPresentationValidatorUtils](#JptPresentationValidatorUtils) - * [.extractIssuerFromPresentedJpt(presentation)](#JptPresentationValidatorUtils.extractIssuerFromPresentedJpt) ⇒ [CoreDID](#CoreDID) - * [.checkTimeframesWithValidityTimeframe2024(credential, validity_timeframe, status_check)](#JptPresentationValidatorUtils.checkTimeframesWithValidityTimeframe2024) - - - -### JptPresentationValidatorUtils.extractIssuerFromPresentedJpt(presentation) ⇒ [CoreDID](#CoreDID) -Utility for extracting the issuer field of a credential in JPT representation as DID. -# Errors -If the JPT decoding fails or the issuer field is not a valid DID. - -**Kind**: static method of [JptPresentationValidatorUtils](#JptPresentationValidatorUtils) - -| Param | Type | -| --- | --- | -| presentation | [Jpt](#Jpt) | - - - -### JptPresentationValidatorUtils.checkTimeframesWithValidityTimeframe2024(credential, validity_timeframe, status_check) -Check timeframe interval in credentialStatus with `RevocationTimeframeStatus`. - -**Kind**: static method of [JptPresentationValidatorUtils](#JptPresentationValidatorUtils) - -| Param | Type | -| --- | --- | -| credential | [Credential](#Credential) | -| validity_timeframe | [Timestamp](#Timestamp) \| undefined | -| status_check | [StatusCheck](#StatusCheck) | - - - -## Jwk -**Kind**: global class - -* [Jwk](#Jwk) - * [new Jwk(jwk)](#new_Jwk_new) - * _instance_ - * [.kty()](#Jwk+kty) ⇒ JwkType - * [.use()](#Jwk+use) ⇒ JwkUse \| undefined - * [.keyOps()](#Jwk+keyOps) ⇒ Array.<JwkOperation> - * [.alg()](#Jwk+alg) ⇒ JwsAlgorithm \| undefined - * [.kid()](#Jwk+kid) ⇒ string \| undefined - * [.x5u()](#Jwk+x5u) ⇒ string \| undefined - * [.x5c()](#Jwk+x5c) ⇒ Array.<string> - * [.x5t()](#Jwk+x5t) ⇒ string \| undefined - * [.x5t256()](#Jwk+x5t256) ⇒ string \| undefined - * [.paramsEc()](#Jwk+paramsEc) ⇒ JwkParamsEc \| undefined - * [.paramsOkp()](#Jwk+paramsOkp) ⇒ JwkParamsOkp \| undefined - * [.paramsOct()](#Jwk+paramsOct) ⇒ JwkParamsOct \| undefined - * [.paramsRsa()](#Jwk+paramsRsa) ⇒ JwkParamsRsa \| undefined - * [.toPublic()](#Jwk+toPublic) ⇒ [Jwk](#Jwk) \| undefined - * [.isPublic()](#Jwk+isPublic) ⇒ boolean - * [.isPrivate()](#Jwk+isPrivate) ⇒ boolean - * [.toJSON()](#Jwk+toJSON) ⇒ any - * [.clone()](#Jwk+clone) ⇒ [Jwk](#Jwk) - * _static_ - * [.fromJSON(json)](#Jwk.fromJSON) ⇒ [Jwk](#Jwk) - - - -### new Jwk(jwk) - -| Param | Type | -| --- | --- | -| jwk | IJwkParams | - - - -### jwk.kty() ⇒ JwkType -Returns the value for the key type parameter (kty). - -**Kind**: instance method of [Jwk](#Jwk) - - -### jwk.use() ⇒ JwkUse \| undefined -Returns the value for the use property (use). - -**Kind**: instance method of [Jwk](#Jwk) - - -### jwk.keyOps() ⇒ Array.<JwkOperation> -**Kind**: instance method of [Jwk](#Jwk) - - -### jwk.alg() ⇒ JwsAlgorithm \| undefined -Returns the value for the algorithm property (alg). - -**Kind**: instance method of [Jwk](#Jwk) - - -### jwk.kid() ⇒ string \| undefined -Returns the value of the key ID property (kid). - -**Kind**: instance method of [Jwk](#Jwk) - - -### jwk.x5u() ⇒ string \| undefined -Returns the value of the X.509 URL property (x5u). - -**Kind**: instance method of [Jwk](#Jwk) - - -### jwk.x5c() ⇒ Array.<string> -Returns the value of the X.509 certificate chain property (x5c). - -**Kind**: instance method of [Jwk](#Jwk) - - -### jwk.x5t() ⇒ string \| undefined -Returns the value of the X.509 certificate SHA-1 thumbprint property (x5t). - -**Kind**: instance method of [Jwk](#Jwk) - - -### jwk.x5t256() ⇒ string \| undefined -Returns the value of the X.509 certificate SHA-256 thumbprint property (x5t#S256). - -**Kind**: instance method of [Jwk](#Jwk) - - -### jwk.paramsEc() ⇒ JwkParamsEc \| undefined -If this JWK is of kty EC, returns those parameters. - -**Kind**: instance method of [Jwk](#Jwk) - - -### jwk.paramsOkp() ⇒ JwkParamsOkp \| undefined -If this JWK is of kty OKP, returns those parameters. - -**Kind**: instance method of [Jwk](#Jwk) - - -### jwk.paramsOct() ⇒ JwkParamsOct \| undefined -If this JWK is of kty OCT, returns those parameters. - -**Kind**: instance method of [Jwk](#Jwk) - - -### jwk.paramsRsa() ⇒ JwkParamsRsa \| undefined -If this JWK is of kty RSA, returns those parameters. - -**Kind**: instance method of [Jwk](#Jwk) - - -### jwk.toPublic() ⇒ [Jwk](#Jwk) \| undefined -Returns a clone of the [Jwk](#Jwk) with _all_ private key components unset. -Nothing is returned when `kty = oct` as this key type is not considered public by this library. - -**Kind**: instance method of [Jwk](#Jwk) - - -### jwk.isPublic() ⇒ boolean -Returns `true` if _all_ private key components of the key are unset, `false` otherwise. - -**Kind**: instance method of [Jwk](#Jwk) - - -### jwk.isPrivate() ⇒ boolean -Returns `true` if _all_ private key components of the key are set, `false` otherwise. - -**Kind**: instance method of [Jwk](#Jwk) - - -### jwk.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [Jwk](#Jwk) - - -### jwk.clone() ⇒ [Jwk](#Jwk) -Deep clones the object. - -**Kind**: instance method of [Jwk](#Jwk) - - -### Jwk.fromJSON(json) ⇒ [Jwk](#Jwk) -Deserializes an instance from a JSON object. - -**Kind**: static method of [Jwk](#Jwk) - -| Param | Type | -| --- | --- | -| json | any | - - - -## JwkGenOutput -The result of a key generation in `JwkStorage`. - -**Kind**: global class - -* [JwkGenOutput](#JwkGenOutput) - * [new JwkGenOutput(key_id, jwk)](#new_JwkGenOutput_new) - * _instance_ - * [.jwk()](#JwkGenOutput+jwk) ⇒ [Jwk](#Jwk) - * [.keyId()](#JwkGenOutput+keyId) ⇒ string - * [.toJSON()](#JwkGenOutput+toJSON) ⇒ any - * [.clone()](#JwkGenOutput+clone) ⇒ [JwkGenOutput](#JwkGenOutput) - * _static_ - * [.fromJSON(json)](#JwkGenOutput.fromJSON) ⇒ [JwkGenOutput](#JwkGenOutput) - - - -### new JwkGenOutput(key_id, jwk) - -| Param | Type | -| --- | --- | -| key_id | string | -| jwk | [Jwk](#Jwk) | - - - -### jwkGenOutput.jwk() ⇒ [Jwk](#Jwk) -Returns the generated public [Jwk](#Jwk). - -**Kind**: instance method of [JwkGenOutput](#JwkGenOutput) - - -### jwkGenOutput.keyId() ⇒ string -Returns the key id of the generated [Jwk](#Jwk). - -**Kind**: instance method of [JwkGenOutput](#JwkGenOutput) - - -### jwkGenOutput.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [JwkGenOutput](#JwkGenOutput) - - -### jwkGenOutput.clone() ⇒ [JwkGenOutput](#JwkGenOutput) -Deep clones the object. - -**Kind**: instance method of [JwkGenOutput](#JwkGenOutput) - - -### JwkGenOutput.fromJSON(json) ⇒ [JwkGenOutput](#JwkGenOutput) -Deserializes an instance from a JSON object. - -**Kind**: static method of [JwkGenOutput](#JwkGenOutput) - -| Param | Type | -| --- | --- | -| json | any | - - - -## JwpCredentialOptions -**Kind**: global class - -* [JwpCredentialOptions](#JwpCredentialOptions) - * _instance_ - * [.kid](#JwpCredentialOptions+kid) ⇒ string \| undefined - * [.kid](#JwpCredentialOptions+kid) - * [.toJSON()](#JwpCredentialOptions+toJSON) ⇒ any - * _static_ - * [.fromJSON(value)](#JwpCredentialOptions.fromJSON) ⇒ [JwpCredentialOptions](#JwpCredentialOptions) - - - -### jwpCredentialOptions.kid ⇒ string \| undefined -**Kind**: instance property of [JwpCredentialOptions](#JwpCredentialOptions) - - -### jwpCredentialOptions.kid -**Kind**: instance property of [JwpCredentialOptions](#JwpCredentialOptions) - -| Param | Type | -| --- | --- | -| [arg0] | string \| undefined | - - - -### jwpCredentialOptions.toJSON() ⇒ any -**Kind**: instance method of [JwpCredentialOptions](#JwpCredentialOptions) - - -### JwpCredentialOptions.fromJSON(value) ⇒ [JwpCredentialOptions](#JwpCredentialOptions) -**Kind**: static method of [JwpCredentialOptions](#JwpCredentialOptions) - -| Param | Type | -| --- | --- | -| value | any | - - - -## JwpIssued -**Kind**: global class - -* [JwpIssued](#JwpIssued) - * _instance_ - * [.toJSON()](#JwpIssued+toJSON) ⇒ any - * [.clone()](#JwpIssued+clone) ⇒ [JwpIssued](#JwpIssued) - * [.encode(serialization)](#JwpIssued+encode) ⇒ string - * [.setProof(proof)](#JwpIssued+setProof) - * [.getProof()](#JwpIssued+getProof) ⇒ Uint8Array - * [.getPayloads()](#JwpIssued+getPayloads) ⇒ [Payloads](#Payloads) - * [.setPayloads(payloads)](#JwpIssued+setPayloads) - * [.getIssuerProtectedHeader()](#JwpIssued+getIssuerProtectedHeader) ⇒ [IssuerProtectedHeader](#IssuerProtectedHeader) - * _static_ - * [.fromJSON(json)](#JwpIssued.fromJSON) ⇒ [JwpIssued](#JwpIssued) - - - -### jwpIssued.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [JwpIssued](#JwpIssued) - - -### jwpIssued.clone() ⇒ [JwpIssued](#JwpIssued) -Deep clones the object. - -**Kind**: instance method of [JwpIssued](#JwpIssued) - - -### jwpIssued.encode(serialization) ⇒ string -**Kind**: instance method of [JwpIssued](#JwpIssued) - -| Param | Type | -| --- | --- | -| serialization | [SerializationType](#SerializationType) | - - - -### jwpIssued.setProof(proof) -**Kind**: instance method of [JwpIssued](#JwpIssued) - -| Param | Type | -| --- | --- | -| proof | Uint8Array | - - - -### jwpIssued.getProof() ⇒ Uint8Array -**Kind**: instance method of [JwpIssued](#JwpIssued) - - -### jwpIssued.getPayloads() ⇒ [Payloads](#Payloads) -**Kind**: instance method of [JwpIssued](#JwpIssued) - - -### jwpIssued.setPayloads(payloads) -**Kind**: instance method of [JwpIssued](#JwpIssued) - -| Param | Type | -| --- | --- | -| payloads | [Payloads](#Payloads) | - - - -### jwpIssued.getIssuerProtectedHeader() ⇒ [IssuerProtectedHeader](#IssuerProtectedHeader) -**Kind**: instance method of [JwpIssued](#JwpIssued) - - -### JwpIssued.fromJSON(json) ⇒ [JwpIssued](#JwpIssued) -Deserializes an instance from a JSON object. - -**Kind**: static method of [JwpIssued](#JwpIssued) - -| Param | Type | -| --- | --- | -| json | any | - - - -## JwpPresentationOptions -Options to be set in the JWT claims of a verifiable presentation. - -**Kind**: global class - -* [JwpPresentationOptions](#JwpPresentationOptions) - * [.audience](#JwpPresentationOptions+audience) ⇒ string \| undefined - * [.audience](#JwpPresentationOptions+audience) - * [.nonce](#JwpPresentationOptions+nonce) ⇒ string \| undefined - * [.nonce](#JwpPresentationOptions+nonce) - - - -### jwpPresentationOptions.audience ⇒ string \| undefined -Sets the audience for presentation (`aud` property in JWP Presentation Header). - -**Kind**: instance property of [JwpPresentationOptions](#JwpPresentationOptions) - - -### jwpPresentationOptions.audience -Sets the audience for presentation (`aud` property in JWP Presentation Header). - -**Kind**: instance property of [JwpPresentationOptions](#JwpPresentationOptions) - -| Param | Type | -| --- | --- | -| [arg0] | string \| undefined | - - - -### jwpPresentationOptions.nonce ⇒ string \| undefined -The nonce to be placed in the Presentation Protected Header. - -**Kind**: instance property of [JwpPresentationOptions](#JwpPresentationOptions) - - -### jwpPresentationOptions.nonce -The nonce to be placed in the Presentation Protected Header. - -**Kind**: instance property of [JwpPresentationOptions](#JwpPresentationOptions) - -| Param | Type | -| --- | --- | -| [arg0] | string \| undefined | - - - -## JwpVerificationOptions -**Kind**: global class - -* [JwpVerificationOptions](#JwpVerificationOptions) - * _instance_ - * [.clone()](#JwpVerificationOptions+clone) ⇒ [JwpVerificationOptions](#JwpVerificationOptions) - * [.toJSON()](#JwpVerificationOptions+toJSON) ⇒ any - * _static_ - * [.fromJSON(json)](#JwpVerificationOptions.fromJSON) ⇒ [JwpVerificationOptions](#JwpVerificationOptions) - * [.new([opts])](#JwpVerificationOptions.new) ⇒ [JwpVerificationOptions](#JwpVerificationOptions) - - - -### jwpVerificationOptions.clone() ⇒ [JwpVerificationOptions](#JwpVerificationOptions) -Deep clones the object. - -**Kind**: instance method of [JwpVerificationOptions](#JwpVerificationOptions) - - -### jwpVerificationOptions.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [JwpVerificationOptions](#JwpVerificationOptions) - - -### JwpVerificationOptions.fromJSON(json) ⇒ [JwpVerificationOptions](#JwpVerificationOptions) -Deserializes an instance from a JSON object. - -**Kind**: static method of [JwpVerificationOptions](#JwpVerificationOptions) - -| Param | Type | -| --- | --- | -| json | any | - - - -### JwpVerificationOptions.new([opts]) ⇒ [JwpVerificationOptions](#JwpVerificationOptions) -**Kind**: static method of [JwpVerificationOptions](#JwpVerificationOptions) - -| Param | Type | -| --- | --- | -| [opts] | IJwpVerificationOptions \| undefined | - - - -## Jws -A wrapper around a JSON Web Signature (JWS). - -**Kind**: global class - -* [Jws](#Jws) - * [new Jws(jws_string)](#new_Jws_new) - * [.toString()](#Jws+toString) ⇒ string - - - -### new Jws(jws_string) -Creates a new [Jws](#Jws) from the given string. - - -| Param | Type | -| --- | --- | -| jws_string | string | - - - -### jws.toString() ⇒ string -Returns a clone of the JWS string. - -**Kind**: instance method of [Jws](#Jws) - - -## JwsHeader -**Kind**: global class - -* [JwsHeader](#JwsHeader) - * [new JwsHeader()](#new_JwsHeader_new) - * _instance_ - * [.alg()](#JwsHeader+alg) ⇒ JwsAlgorithm \| undefined - * [.setAlg(value)](#JwsHeader+setAlg) - * [.b64()](#JwsHeader+b64) ⇒ boolean \| undefined - * [.setB64(value)](#JwsHeader+setB64) - * [.custom()](#JwsHeader+custom) ⇒ Record.<string, any> \| undefined - * [.has(claim)](#JwsHeader+has) ⇒ boolean - * [.isDisjoint(other)](#JwsHeader+isDisjoint) ⇒ boolean - * [.jku()](#JwsHeader+jku) ⇒ string \| undefined - * [.setJku(value)](#JwsHeader+setJku) - * [.jwk()](#JwsHeader+jwk) ⇒ [Jwk](#Jwk) \| undefined - * [.setJwk(value)](#JwsHeader+setJwk) - * [.kid()](#JwsHeader+kid) ⇒ string \| undefined - * [.setKid(value)](#JwsHeader+setKid) - * [.x5u()](#JwsHeader+x5u) ⇒ string \| undefined - * [.setX5u(value)](#JwsHeader+setX5u) - * [.x5c()](#JwsHeader+x5c) ⇒ Array.<string> - * [.setX5c(value)](#JwsHeader+setX5c) - * [.x5t()](#JwsHeader+x5t) ⇒ string \| undefined - * [.setX5t(value)](#JwsHeader+setX5t) - * [.x5tS256()](#JwsHeader+x5tS256) ⇒ string \| undefined - * [.setX5tS256(value)](#JwsHeader+setX5tS256) - * [.typ()](#JwsHeader+typ) ⇒ string \| undefined - * [.setTyp(value)](#JwsHeader+setTyp) - * [.cty()](#JwsHeader+cty) ⇒ string \| undefined - * [.setCty(value)](#JwsHeader+setCty) - * [.crit()](#JwsHeader+crit) ⇒ Array.<string> - * [.setCrit(value)](#JwsHeader+setCrit) - * [.url()](#JwsHeader+url) ⇒ string \| undefined - * [.setUrl(value)](#JwsHeader+setUrl) - * [.nonce()](#JwsHeader+nonce) ⇒ string \| undefined - * [.setNonce(value)](#JwsHeader+setNonce) - * [.toJSON()](#JwsHeader+toJSON) ⇒ any - * [.clone()](#JwsHeader+clone) ⇒ [JwsHeader](#JwsHeader) - * _static_ - * [.fromJSON(json)](#JwsHeader.fromJSON) ⇒ [JwsHeader](#JwsHeader) - - - -### new JwsHeader() -Create a new empty [JwsHeader](#JwsHeader). - - - -### jwsHeader.alg() ⇒ JwsAlgorithm \| undefined -Returns the value for the algorithm claim (alg). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - - -### jwsHeader.setAlg(value) -Sets a value for the algorithm claim (alg). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - -| Param | Type | -| --- | --- | -| value | JwsAlgorithm | - - - -### jwsHeader.b64() ⇒ boolean \| undefined -Returns the value of the base64url-encode payload claim (b64). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - - -### jwsHeader.setB64(value) -Sets a value for the base64url-encode payload claim (b64). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - -| Param | Type | -| --- | --- | -| value | boolean | - - - -### jwsHeader.custom() ⇒ Record.<string, any> \| undefined -Additional header parameters. - -**Kind**: instance method of [JwsHeader](#JwsHeader) - - -### jwsHeader.has(claim) ⇒ boolean -**Kind**: instance method of [JwsHeader](#JwsHeader) - -| Param | Type | -| --- | --- | -| claim | string | - - - -### jwsHeader.isDisjoint(other) ⇒ boolean -Returns `true` if none of the fields are set in both `self` and `other`. - -**Kind**: instance method of [JwsHeader](#JwsHeader) - -| Param | Type | -| --- | --- | -| other | [JwsHeader](#JwsHeader) | - - - -### jwsHeader.jku() ⇒ string \| undefined -Returns the value of the JWK Set URL claim (jku). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - - -### jwsHeader.setJku(value) -Sets a value for the JWK Set URL claim (jku). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - -| Param | Type | -| --- | --- | -| value | string | - - - -### jwsHeader.jwk() ⇒ [Jwk](#Jwk) \| undefined -Returns the value of the JWK claim (jwk). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - - -### jwsHeader.setJwk(value) -Sets a value for the JWK claim (jwk). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - -| Param | Type | -| --- | --- | -| value | [Jwk](#Jwk) | - - - -### jwsHeader.kid() ⇒ string \| undefined -Returns the value of the key ID claim (kid). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - - -### jwsHeader.setKid(value) -Sets a value for the key ID claim (kid). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - -| Param | Type | -| --- | --- | -| value | string | - - - -### jwsHeader.x5u() ⇒ string \| undefined -Returns the value of the X.509 URL claim (x5u). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - - -### jwsHeader.setX5u(value) -Sets a value for the X.509 URL claim (x5u). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - -| Param | Type | -| --- | --- | -| value | string | - - - -### jwsHeader.x5c() ⇒ Array.<string> -Returns the value of the X.509 certificate chain claim (x5c). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - - -### jwsHeader.setX5c(value) -Sets values for the X.509 certificate chain claim (x5c). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - -| Param | Type | -| --- | --- | -| value | Array.<string> | - - - -### jwsHeader.x5t() ⇒ string \| undefined -Returns the value of the X.509 certificate SHA-1 thumbprint claim (x5t). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - - -### jwsHeader.setX5t(value) -Sets a value for the X.509 certificate SHA-1 thumbprint claim (x5t). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - -| Param | Type | -| --- | --- | -| value | string | - - - -### jwsHeader.x5tS256() ⇒ string \| undefined -Returns the value of the X.509 certificate SHA-256 thumbprint claim -(x5t#S256). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - - -### jwsHeader.setX5tS256(value) -Sets a value for the X.509 certificate SHA-256 thumbprint claim -(x5t#S256). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - -| Param | Type | -| --- | --- | -| value | string | - - - -### jwsHeader.typ() ⇒ string \| undefined -Returns the value of the token type claim (typ). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - - -### jwsHeader.setTyp(value) -Sets a value for the token type claim (typ). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - -| Param | Type | -| --- | --- | -| value | string | - - - -### jwsHeader.cty() ⇒ string \| undefined -Returns the value of the content type claim (cty). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - - -### jwsHeader.setCty(value) -Sets a value for the content type claim (cty). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - -| Param | Type | -| --- | --- | -| value | string | - - - -### jwsHeader.crit() ⇒ Array.<string> -Returns the value of the critical claim (crit). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - - -### jwsHeader.setCrit(value) -Sets values for the critical claim (crit). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - -| Param | Type | -| --- | --- | -| value | Array.<string> | - - - -### jwsHeader.url() ⇒ string \| undefined -Returns the value of the url claim (url). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - - -### jwsHeader.setUrl(value) -Sets a value for the url claim (url). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - -| Param | Type | -| --- | --- | -| value | string | - - - -### jwsHeader.nonce() ⇒ string \| undefined -Returns the value of the nonce claim (nonce). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - - -### jwsHeader.setNonce(value) -Sets a value for the nonce claim (nonce). - -**Kind**: instance method of [JwsHeader](#JwsHeader) - -| Param | Type | -| --- | --- | -| value | string | - - - -### jwsHeader.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [JwsHeader](#JwsHeader) - - -### jwsHeader.clone() ⇒ [JwsHeader](#JwsHeader) -Deep clones the object. - -**Kind**: instance method of [JwsHeader](#JwsHeader) - - -### JwsHeader.fromJSON(json) ⇒ [JwsHeader](#JwsHeader) -Deserializes an instance from a JSON object. - -**Kind**: static method of [JwsHeader](#JwsHeader) - -| Param | Type | -| --- | --- | -| json | any | - - - -## JwsSignatureOptions -**Kind**: global class - -* [JwsSignatureOptions](#JwsSignatureOptions) - * [new JwsSignatureOptions([options])](#new_JwsSignatureOptions_new) - * _instance_ - * [.setAttachJwk(value)](#JwsSignatureOptions+setAttachJwk) - * [.setB64(value)](#JwsSignatureOptions+setB64) - * [.setTyp(value)](#JwsSignatureOptions+setTyp) - * [.setCty(value)](#JwsSignatureOptions+setCty) - * [.serUrl(value)](#JwsSignatureOptions+serUrl) - * [.setNonce(value)](#JwsSignatureOptions+setNonce) - * [.setKid(value)](#JwsSignatureOptions+setKid) - * [.setDetachedPayload(value)](#JwsSignatureOptions+setDetachedPayload) - * [.setCustomHeaderParameters(value)](#JwsSignatureOptions+setCustomHeaderParameters) - * [.toJSON()](#JwsSignatureOptions+toJSON) ⇒ any - * [.clone()](#JwsSignatureOptions+clone) ⇒ [JwsSignatureOptions](#JwsSignatureOptions) - * _static_ - * [.fromJSON(json)](#JwsSignatureOptions.fromJSON) ⇒ [JwsSignatureOptions](#JwsSignatureOptions) - - - -### new JwsSignatureOptions([options]) - -| Param | Type | -| --- | --- | -| [options] | IJwsSignatureOptions \| undefined | - - - -### jwsSignatureOptions.setAttachJwk(value) -Replace the value of the `attachJwk` field. - -**Kind**: instance method of [JwsSignatureOptions](#JwsSignatureOptions) - -| Param | Type | -| --- | --- | -| value | boolean | - - - -### jwsSignatureOptions.setB64(value) -Replace the value of the `b64` field. - -**Kind**: instance method of [JwsSignatureOptions](#JwsSignatureOptions) - -| Param | Type | -| --- | --- | -| value | boolean | - - - -### jwsSignatureOptions.setTyp(value) -Replace the value of the `typ` field. - -**Kind**: instance method of [JwsSignatureOptions](#JwsSignatureOptions) - -| Param | Type | -| --- | --- | -| value | string | - - - -### jwsSignatureOptions.setCty(value) -Replace the value of the `cty` field. - -**Kind**: instance method of [JwsSignatureOptions](#JwsSignatureOptions) - -| Param | Type | -| --- | --- | -| value | string | - - - -### jwsSignatureOptions.serUrl(value) -Replace the value of the `url` field. - -**Kind**: instance method of [JwsSignatureOptions](#JwsSignatureOptions) - -| Param | Type | -| --- | --- | -| value | string | - - - -### jwsSignatureOptions.setNonce(value) -Replace the value of the `nonce` field. - -**Kind**: instance method of [JwsSignatureOptions](#JwsSignatureOptions) - -| Param | Type | -| --- | --- | -| value | string | - - - -### jwsSignatureOptions.setKid(value) -Replace the value of the `kid` field. - -**Kind**: instance method of [JwsSignatureOptions](#JwsSignatureOptions) - -| Param | Type | -| --- | --- | -| value | string | - - - -### jwsSignatureOptions.setDetachedPayload(value) -Replace the value of the `detached_payload` field. - -**Kind**: instance method of [JwsSignatureOptions](#JwsSignatureOptions) - -| Param | Type | -| --- | --- | -| value | boolean | - - - -### jwsSignatureOptions.setCustomHeaderParameters(value) -Add additional header parameters. - -**Kind**: instance method of [JwsSignatureOptions](#JwsSignatureOptions) - -| Param | Type | -| --- | --- | -| value | Record.<string, any> | - - - -### jwsSignatureOptions.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [JwsSignatureOptions](#JwsSignatureOptions) - - -### jwsSignatureOptions.clone() ⇒ [JwsSignatureOptions](#JwsSignatureOptions) -Deep clones the object. - -**Kind**: instance method of [JwsSignatureOptions](#JwsSignatureOptions) - - -### JwsSignatureOptions.fromJSON(json) ⇒ [JwsSignatureOptions](#JwsSignatureOptions) -Deserializes an instance from a JSON object. - -**Kind**: static method of [JwsSignatureOptions](#JwsSignatureOptions) - -| Param | Type | -| --- | --- | -| json | any | - - - -## JwsVerificationOptions -**Kind**: global class - -* [JwsVerificationOptions](#JwsVerificationOptions) - * [new JwsVerificationOptions([options])](#new_JwsVerificationOptions_new) - * _instance_ - * [.setNonce(value)](#JwsVerificationOptions+setNonce) - * [.setMethodScope(value)](#JwsVerificationOptions+setMethodScope) - * [.setMethodId(value)](#JwsVerificationOptions+setMethodId) - * [.toJSON()](#JwsVerificationOptions+toJSON) ⇒ any - * [.clone()](#JwsVerificationOptions+clone) ⇒ [JwsVerificationOptions](#JwsVerificationOptions) - * _static_ - * [.fromJSON(json)](#JwsVerificationOptions.fromJSON) ⇒ [JwsVerificationOptions](#JwsVerificationOptions) - - - -### new JwsVerificationOptions([options]) -Creates a new [JwsVerificationOptions](#JwsVerificationOptions) from the given fields. - - -| Param | Type | -| --- | --- | -| [options] | IJwsVerificationOptions \| undefined | - - - -### jwsVerificationOptions.setNonce(value) -Set the expected value for the `nonce` parameter of the protected header. - -**Kind**: instance method of [JwsVerificationOptions](#JwsVerificationOptions) - -| Param | Type | -| --- | --- | -| value | string | - - - -### jwsVerificationOptions.setMethodScope(value) -Set the scope of the verification methods that may be used to verify the given JWS. - -**Kind**: instance method of [JwsVerificationOptions](#JwsVerificationOptions) - -| Param | Type | -| --- | --- | -| value | [MethodScope](#MethodScope) | - - - -### jwsVerificationOptions.setMethodId(value) -Set the DID URl of the method, whose JWK should be used to verify the JWS. - -**Kind**: instance method of [JwsVerificationOptions](#JwsVerificationOptions) - -| Param | Type | -| --- | --- | -| value | [DIDUrl](#DIDUrl) | - - - -### jwsVerificationOptions.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [JwsVerificationOptions](#JwsVerificationOptions) - - -### jwsVerificationOptions.clone() ⇒ [JwsVerificationOptions](#JwsVerificationOptions) -Deep clones the object. - -**Kind**: instance method of [JwsVerificationOptions](#JwsVerificationOptions) - - -### JwsVerificationOptions.fromJSON(json) ⇒ [JwsVerificationOptions](#JwsVerificationOptions) -Deserializes an instance from a JSON object. - -**Kind**: static method of [JwsVerificationOptions](#JwsVerificationOptions) - -| Param | Type | -| --- | --- | -| json | any | - - - -## Jwt -A wrapper around a JSON Web Token (JWK). - -**Kind**: global class - -* [Jwt](#Jwt) - * [new Jwt(jwt_string)](#new_Jwt_new) - * _instance_ - * [.toString()](#Jwt+toString) ⇒ string - * [.toJSON()](#Jwt+toJSON) ⇒ any - * [.clone()](#Jwt+clone) ⇒ [Jwt](#Jwt) - * _static_ - * [.fromJSON(json)](#Jwt.fromJSON) ⇒ [Jwt](#Jwt) - - - -### new Jwt(jwt_string) -Creates a new [Jwt](#Jwt) from the given string. - - -| Param | Type | -| --- | --- | -| jwt_string | string | - - - -### jwt.toString() ⇒ string -Returns a clone of the JWT string. - -**Kind**: instance method of [Jwt](#Jwt) - - -### jwt.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [Jwt](#Jwt) - - -### jwt.clone() ⇒ [Jwt](#Jwt) -Deep clones the object. - -**Kind**: instance method of [Jwt](#Jwt) - - -### Jwt.fromJSON(json) ⇒ [Jwt](#Jwt) -Deserializes an instance from a JSON object. - -**Kind**: static method of [Jwt](#Jwt) - -| Param | Type | -| --- | --- | -| json | any | - - - -## JwtCredentialValidationOptions -Options to declare validation criteria when validating credentials. - -**Kind**: global class - -* [JwtCredentialValidationOptions](#JwtCredentialValidationOptions) - * [new JwtCredentialValidationOptions([options])](#new_JwtCredentialValidationOptions_new) - * _instance_ - * [.toJSON()](#JwtCredentialValidationOptions+toJSON) ⇒ any - * [.clone()](#JwtCredentialValidationOptions+clone) ⇒ [JwtCredentialValidationOptions](#JwtCredentialValidationOptions) - * _static_ - * [.fromJSON(json)](#JwtCredentialValidationOptions.fromJSON) ⇒ [JwtCredentialValidationOptions](#JwtCredentialValidationOptions) - - - -### new JwtCredentialValidationOptions([options]) - -| Param | Type | -| --- | --- | -| [options] | IJwtCredentialValidationOptions \| undefined | - - - -### jwtCredentialValidationOptions.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [JwtCredentialValidationOptions](#JwtCredentialValidationOptions) - - -### jwtCredentialValidationOptions.clone() ⇒ [JwtCredentialValidationOptions](#JwtCredentialValidationOptions) -Deep clones the object. - -**Kind**: instance method of [JwtCredentialValidationOptions](#JwtCredentialValidationOptions) - - -### JwtCredentialValidationOptions.fromJSON(json) ⇒ [JwtCredentialValidationOptions](#JwtCredentialValidationOptions) -Deserializes an instance from a JSON object. - -**Kind**: static method of [JwtCredentialValidationOptions](#JwtCredentialValidationOptions) - -| Param | Type | -| --- | --- | -| json | any | - - - -## JwtCredentialValidator -A type for decoding and validating [Credential](#Credential). - -**Kind**: global class - -* [JwtCredentialValidator](#JwtCredentialValidator) - * [new JwtCredentialValidator(signatureVerifier)](#new_JwtCredentialValidator_new) - * _instance_ - * [.validate(credential_jwt, issuer, options, fail_fast)](#JwtCredentialValidator+validate) ⇒ [DecodedJwtCredential](#DecodedJwtCredential) - * [.verifySignature(credential, trustedIssuers, options)](#JwtCredentialValidator+verifySignature) ⇒ [DecodedJwtCredential](#DecodedJwtCredential) - * _static_ - * [.checkExpiresOnOrAfter(credential, timestamp)](#JwtCredentialValidator.checkExpiresOnOrAfter) - * [.checkIssuedOnOrBefore(credential, timestamp)](#JwtCredentialValidator.checkIssuedOnOrBefore) - * [.checkSubjectHolderRelationship(credential, holder, relationship)](#JwtCredentialValidator.checkSubjectHolderRelationship) - * [.checkStatus(credential, trustedIssuers, statusCheck)](#JwtCredentialValidator.checkStatus) - * [.checkStatusWithStatusList2021(credential, status_list, status_check)](#JwtCredentialValidator.checkStatusWithStatusList2021) - * [.extractIssuer(credential)](#JwtCredentialValidator.extractIssuer) ⇒ [CoreDID](#CoreDID) - * [.extractIssuerFromJwt(credential)](#JwtCredentialValidator.extractIssuerFromJwt) ⇒ [CoreDID](#CoreDID) - - - -### new JwtCredentialValidator(signatureVerifier) -Creates a new [JwtCredentialValidator](#JwtCredentialValidator). If a `signatureVerifier` is provided it will be used when -verifying decoded JWS signatures, otherwise the default which is only capable of handling the `EdDSA` -algorithm will be used. - - -| Param | Type | -| --- | --- | -| signatureVerifier | IJwsVerifier | - - - -### jwtCredentialValidator.validate(credential_jwt, issuer, options, fail_fast) ⇒ [DecodedJwtCredential](#DecodedJwtCredential) -Decodes and validates a [Credential](#Credential) issued as a JWS. A [DecodedJwtCredential](#DecodedJwtCredential) is returned upon -success. - -The following properties are validated according to `options`: -- the issuer's signature on the JWS, -- the expiration date, -- the issuance date, -- the semantic structure. - -# Warning -The lack of an error returned from this method is in of itself not enough to conclude that the credential can be -trusted. This section contains more information on additional checks that should be carried out before and after -calling this method. - -## The state of the issuer's DID Document -The caller must ensure that `issuer` represents an up-to-date DID Document. - -## Properties that are not validated - There are many properties defined in [The Verifiable Credentials Data Model](https://www.w3.org/TR/vc-data-model/) that are **not** validated, such as: -`proof`, `credentialStatus`, `type`, `credentialSchema`, `refreshService` **and more**. -These should be manually checked after validation, according to your requirements. - -# Errors -An error is returned whenever a validated condition is not satisfied. - -**Kind**: instance method of [JwtCredentialValidator](#JwtCredentialValidator) - -| Param | Type | -| --- | --- | -| credential_jwt | [Jwt](#Jwt) | -| issuer | [CoreDocument](#CoreDocument) \| IToCoreDocument | -| options | [JwtCredentialValidationOptions](#JwtCredentialValidationOptions) | -| fail_fast | [FailFast](#FailFast) | - - - -### jwtCredentialValidator.verifySignature(credential, trustedIssuers, options) ⇒ [DecodedJwtCredential](#DecodedJwtCredential) -Decode and verify the JWS signature of a [Credential](#Credential) issued as a JWT using the DID Document of a trusted -issuer. - -A [DecodedJwtCredential](#DecodedJwtCredential) is returned upon success. - -# Warning -The caller must ensure that the DID Documents of the trusted issuers are up-to-date. - -## Proofs - Only the JWS signature is verified. If the [Credential](#Credential) contains a `proof` property this will not be -verified by this method. - -# Errors -This method immediately returns an error if -the credential issuer' url cannot be parsed to a DID belonging to one of the trusted issuers. Otherwise an attempt -to verify the credential's signature will be made and an error is returned upon failure. - -**Kind**: instance method of [JwtCredentialValidator](#JwtCredentialValidator) - -| Param | Type | -| --- | --- | -| credential | [Jwt](#Jwt) | -| trustedIssuers | Array.<(CoreDocument\|IToCoreDocument)> | -| options | [JwsVerificationOptions](#JwsVerificationOptions) | - - - -### JwtCredentialValidator.checkExpiresOnOrAfter(credential, timestamp) -Validate that the credential expires on or after the specified timestamp. - -**Kind**: static method of [JwtCredentialValidator](#JwtCredentialValidator) - -| Param | Type | -| --- | --- | -| credential | [Credential](#Credential) | -| timestamp | [Timestamp](#Timestamp) | - - - -### JwtCredentialValidator.checkIssuedOnOrBefore(credential, timestamp) -Validate that the credential is issued on or before the specified timestamp. - -**Kind**: static method of [JwtCredentialValidator](#JwtCredentialValidator) - -| Param | Type | -| --- | --- | -| credential | [Credential](#Credential) | -| timestamp | [Timestamp](#Timestamp) | - - - -### JwtCredentialValidator.checkSubjectHolderRelationship(credential, holder, relationship) -Validate that the relationship between the `holder` and the credential subjects is in accordance with -`relationship`. The `holder` parameter is expected to be the URL of the holder. - -**Kind**: static method of [JwtCredentialValidator](#JwtCredentialValidator) - -| Param | Type | -| --- | --- | -| credential | [Credential](#Credential) | -| holder | string | -| relationship | [SubjectHolderRelationship](#SubjectHolderRelationship) | - - - -### JwtCredentialValidator.checkStatus(credential, trustedIssuers, statusCheck) -Checks whether the credential status has been revoked. - -Only supports `RevocationBitmap2022`. - -**Kind**: static method of [JwtCredentialValidator](#JwtCredentialValidator) - -| Param | Type | -| --- | --- | -| credential | [Credential](#Credential) | -| trustedIssuers | Array.<(CoreDocument\|IToCoreDocument)> | -| statusCheck | [StatusCheck](#StatusCheck) | - - - -### JwtCredentialValidator.checkStatusWithStatusList2021(credential, status_list, status_check) -Checks wheter the credential status has been revoked using `StatusList2021`. - -**Kind**: static method of [JwtCredentialValidator](#JwtCredentialValidator) - -| Param | Type | -| --- | --- | -| credential | [Credential](#Credential) | -| status_list | [StatusList2021Credential](#StatusList2021Credential) | -| status_check | [StatusCheck](#StatusCheck) | - - - -### JwtCredentialValidator.extractIssuer(credential) ⇒ [CoreDID](#CoreDID) -Utility for extracting the issuer field of a [Credential](#Credential) as a DID. - -### Errors - -Fails if the issuer field is not a valid DID. - -**Kind**: static method of [JwtCredentialValidator](#JwtCredentialValidator) - -| Param | Type | -| --- | --- | -| credential | [Credential](#Credential) | - - - -### JwtCredentialValidator.extractIssuerFromJwt(credential) ⇒ [CoreDID](#CoreDID) -Utility for extracting the issuer field of a credential in JWT representation as DID. - -# Errors - -If the JWT decoding fails or the issuer field is not a valid DID. - -**Kind**: static method of [JwtCredentialValidator](#JwtCredentialValidator) - -| Param | Type | -| --- | --- | -| credential | [Jwt](#Jwt) | - - - -## JwtDomainLinkageValidator -A validator for a Domain Linkage Configuration and Credentials. - -**Kind**: global class - -* [JwtDomainLinkageValidator](#JwtDomainLinkageValidator) - * [new JwtDomainLinkageValidator(signatureVerifier)](#new_JwtDomainLinkageValidator_new) - * [.validateLinkage(issuer, configuration, domain, options)](#JwtDomainLinkageValidator+validateLinkage) - * [.validateCredential(issuer, credentialJwt, domain, options)](#JwtDomainLinkageValidator+validateCredential) - - - -### new JwtDomainLinkageValidator(signatureVerifier) -Creates a new [JwtDomainLinkageValidator](#JwtDomainLinkageValidator). If a `signatureVerifier` is provided it will be used when -verifying decoded JWS signatures, otherwise the default which is only capable of handling the `EdDSA` -algorithm will be used. - - -| Param | Type | -| --- | --- | -| signatureVerifier | IJwsVerifier | - - - -### jwtDomainLinkageValidator.validateLinkage(issuer, configuration, domain, options) -Validates the linkage between a domain and a DID. -[DomainLinkageConfiguration](#DomainLinkageConfiguration) is validated according to [DID Configuration Resource Verification](https://identity.foundation/.well-known/resources/did-configuration/#did-configuration-resource-verification). - -Linkage is valid if no error is thrown. - -# Note: -- Only the [JSON Web Token Proof Format](https://identity.foundation/.well-known/resources/did-configuration/#json-web-token-proof-format) - is supported. -- Only the Credential issued by `issuer` is verified. - -# Errors - - - Semantic structure of `configuration` is invalid. - - `configuration` includes multiple credentials issued by `issuer`. - - Validation of the matched Domain Linkage Credential fails. - -**Kind**: instance method of [JwtDomainLinkageValidator](#JwtDomainLinkageValidator) - -| Param | Type | -| --- | --- | -| issuer | [CoreDocument](#CoreDocument) \| IToCoreDocument | -| configuration | [DomainLinkageConfiguration](#DomainLinkageConfiguration) | -| domain | string | -| options | [JwtCredentialValidationOptions](#JwtCredentialValidationOptions) | - - - -### jwtDomainLinkageValidator.validateCredential(issuer, credentialJwt, domain, options) -Validates a [Domain Linkage Credential](https://identity.foundation/.well-known/resources/did-configuration/#domain-linkage-credential). - -Error will be thrown in case the validation fails. - -**Kind**: instance method of [JwtDomainLinkageValidator](#JwtDomainLinkageValidator) - -| Param | Type | -| --- | --- | -| issuer | [CoreDocument](#CoreDocument) \| IToCoreDocument | -| credentialJwt | [Jwt](#Jwt) | -| domain | string | -| options | [JwtCredentialValidationOptions](#JwtCredentialValidationOptions) | - - - -## JwtPresentationOptions -**Kind**: global class - -* [JwtPresentationOptions](#JwtPresentationOptions) - * [new JwtPresentationOptions([options])](#new_JwtPresentationOptions_new) - * _instance_ - * [.toJSON()](#JwtPresentationOptions+toJSON) ⇒ any - * [.clone()](#JwtPresentationOptions+clone) ⇒ [JwtPresentationOptions](#JwtPresentationOptions) - * _static_ - * [.fromJSON(json)](#JwtPresentationOptions.fromJSON) ⇒ [JwtPresentationOptions](#JwtPresentationOptions) - - - -### new JwtPresentationOptions([options]) -Creates a new [JwtPresentationOptions](#JwtPresentationOptions) from the given fields. - -Throws an error if any of the options are invalid. - - -| Param | Type | -| --- | --- | -| [options] | IJwtPresentationOptions \| undefined | - - - -### jwtPresentationOptions.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [JwtPresentationOptions](#JwtPresentationOptions) - - -### jwtPresentationOptions.clone() ⇒ [JwtPresentationOptions](#JwtPresentationOptions) -Deep clones the object. - -**Kind**: instance method of [JwtPresentationOptions](#JwtPresentationOptions) - - -### JwtPresentationOptions.fromJSON(json) ⇒ [JwtPresentationOptions](#JwtPresentationOptions) -Deserializes an instance from a JSON object. - -**Kind**: static method of [JwtPresentationOptions](#JwtPresentationOptions) - -| Param | Type | -| --- | --- | -| json | any | - - - -## JwtPresentationValidationOptions -Options to declare validation criteria when validating presentation. - -**Kind**: global class - -* [JwtPresentationValidationOptions](#JwtPresentationValidationOptions) - * [new JwtPresentationValidationOptions([options])](#new_JwtPresentationValidationOptions_new) - * _instance_ - * [.toJSON()](#JwtPresentationValidationOptions+toJSON) ⇒ any - * [.clone()](#JwtPresentationValidationOptions+clone) ⇒ [JwtPresentationValidationOptions](#JwtPresentationValidationOptions) - * _static_ - * [.fromJSON(json)](#JwtPresentationValidationOptions.fromJSON) ⇒ [JwtPresentationValidationOptions](#JwtPresentationValidationOptions) - - - -### new JwtPresentationValidationOptions([options]) -Creates a new [JwtPresentationValidationOptions](#JwtPresentationValidationOptions) from the given fields. - -Throws an error if any of the options are invalid. - - -| Param | Type | -| --- | --- | -| [options] | IJwtPresentationValidationOptions \| undefined | - - - -### jwtPresentationValidationOptions.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [JwtPresentationValidationOptions](#JwtPresentationValidationOptions) - - -### jwtPresentationValidationOptions.clone() ⇒ [JwtPresentationValidationOptions](#JwtPresentationValidationOptions) -Deep clones the object. - -**Kind**: instance method of [JwtPresentationValidationOptions](#JwtPresentationValidationOptions) - - -### JwtPresentationValidationOptions.fromJSON(json) ⇒ [JwtPresentationValidationOptions](#JwtPresentationValidationOptions) -Deserializes an instance from a JSON object. - -**Kind**: static method of [JwtPresentationValidationOptions](#JwtPresentationValidationOptions) - -| Param | Type | -| --- | --- | -| json | any | - - - -## JwtPresentationValidator -**Kind**: global class - -* [JwtPresentationValidator](#JwtPresentationValidator) - * [new JwtPresentationValidator(signatureVerifier)](#new_JwtPresentationValidator_new) - * _instance_ - * [.validate(presentationJwt, holder, validation_options)](#JwtPresentationValidator+validate) ⇒ [DecodedJwtPresentation](#DecodedJwtPresentation) - * _static_ - * [.checkStructure(presentation)](#JwtPresentationValidator.checkStructure) - * [.extractHolder(presentation)](#JwtPresentationValidator.extractHolder) ⇒ [CoreDID](#CoreDID) - - - -### new JwtPresentationValidator(signatureVerifier) -Creates a new [JwtPresentationValidator](#JwtPresentationValidator). If a `signatureVerifier` is provided it will be used when -verifying decoded JWS signatures, otherwise the default which is only capable of handling the `EdDSA` -algorithm will be used. - - -| Param | Type | -| --- | --- | -| signatureVerifier | IJwsVerifier | - - - -### jwtPresentationValidator.validate(presentationJwt, holder, validation_options) ⇒ [DecodedJwtPresentation](#DecodedJwtPresentation) -Validates a [Presentation](#Presentation) encoded as a [Jwt](#Jwt). - -The following properties are validated according to `options`: -- the JWT can be decoded into a semantically valid presentation. -- the expiration and issuance date contained in the JWT claims. -- the holder's signature. - -Validation is done with respect to the properties set in `options`. - -# Warning - -* This method does NOT validate the constituent credentials and therefore also not the relationship between the -credentials' subjects and the presentation holder. This can be done with [JwtCredentialValidationOptions](#JwtCredentialValidationOptions). -* The lack of an error returned from this method is in of itself not enough to conclude that the presentation can -be trusted. This section contains more information on additional checks that should be carried out before and -after calling this method. - -## The state of the supplied DID Documents. - -The caller must ensure that the DID Documents in `holder` are up-to-date. - -# Errors - -An error is returned whenever a validated condition is not satisfied or when decoding fails. - -**Kind**: instance method of [JwtPresentationValidator](#JwtPresentationValidator) - -| Param | Type | -| --- | --- | -| presentationJwt | [Jwt](#Jwt) | -| holder | [CoreDocument](#CoreDocument) \| IToCoreDocument | -| validation_options | [JwtPresentationValidationOptions](#JwtPresentationValidationOptions) | - - - -### JwtPresentationValidator.checkStructure(presentation) -Validates the semantic structure of the [Presentation](#Presentation). - -**Kind**: static method of [JwtPresentationValidator](#JwtPresentationValidator) - -| Param | Type | -| --- | --- | -| presentation | [Presentation](#Presentation) | - - - -### JwtPresentationValidator.extractHolder(presentation) ⇒ [CoreDID](#CoreDID) -Attempt to extract the holder of the presentation. - -# Errors: -* If deserialization/decoding of the presentation fails. -* If the holder can't be parsed as DIDs. - -**Kind**: static method of [JwtPresentationValidator](#JwtPresentationValidator) - -| Param | Type | -| --- | --- | -| presentation | [Jwt](#Jwt) | - - - -## KeyBindingJWTValidationOptions -Options to declare validation criteria when validating credentials. - -**Kind**: global class - -* [KeyBindingJWTValidationOptions](#KeyBindingJWTValidationOptions) - * [new KeyBindingJWTValidationOptions([options])](#new_KeyBindingJWTValidationOptions_new) - * _instance_ - * [.toJSON()](#KeyBindingJWTValidationOptions+toJSON) ⇒ any - * [.clone()](#KeyBindingJWTValidationOptions+clone) ⇒ [KeyBindingJWTValidationOptions](#KeyBindingJWTValidationOptions) - * _static_ - * [.fromJSON(json)](#KeyBindingJWTValidationOptions.fromJSON) ⇒ [KeyBindingJWTValidationOptions](#KeyBindingJWTValidationOptions) - - - -### new KeyBindingJWTValidationOptions([options]) - -| Param | Type | -| --- | --- | -| [options] | IKeyBindingJWTValidationOptions \| undefined | - - - -### keyBindingJWTValidationOptions.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [KeyBindingJWTValidationOptions](#KeyBindingJWTValidationOptions) - - -### keyBindingJWTValidationOptions.clone() ⇒ [KeyBindingJWTValidationOptions](#KeyBindingJWTValidationOptions) -Deep clones the object. - -**Kind**: instance method of [KeyBindingJWTValidationOptions](#KeyBindingJWTValidationOptions) - - -### KeyBindingJWTValidationOptions.fromJSON(json) ⇒ [KeyBindingJWTValidationOptions](#KeyBindingJWTValidationOptions) -Deserializes an instance from a JSON object. - -**Kind**: static method of [KeyBindingJWTValidationOptions](#KeyBindingJWTValidationOptions) - -| Param | Type | -| --- | --- | -| json | any | - - - -## KeyBindingJwtClaims -Claims set for key binding JWT. - -**Kind**: global class - -* [KeyBindingJwtClaims](#KeyBindingJwtClaims) - * [new KeyBindingJwtClaims(jwt, disclosures, nonce, aud, [issued_at], [custom_properties])](#new_KeyBindingJwtClaims_new) - * _instance_ - * [.toString()](#KeyBindingJwtClaims+toString) ⇒ string - * [.iat()](#KeyBindingJwtClaims+iat) ⇒ bigint - * [.aud()](#KeyBindingJwtClaims+aud) ⇒ string - * [.nonce()](#KeyBindingJwtClaims+nonce) ⇒ string - * [.sdHash()](#KeyBindingJwtClaims+sdHash) ⇒ string - * [.customProperties()](#KeyBindingJwtClaims+customProperties) ⇒ Record.<string, any> - * [.toJSON()](#KeyBindingJwtClaims+toJSON) ⇒ any - * [.clone()](#KeyBindingJwtClaims+clone) ⇒ [KeyBindingJwtClaims](#KeyBindingJwtClaims) - * _static_ - * [.keyBindingJwtHeaderTyp()](#KeyBindingJwtClaims.keyBindingJwtHeaderTyp) ⇒ string - * [.fromJSON(json)](#KeyBindingJwtClaims.fromJSON) ⇒ [KeyBindingJwtClaims](#KeyBindingJwtClaims) - - - -### new KeyBindingJwtClaims(jwt, disclosures, nonce, aud, [issued_at], [custom_properties]) -Creates a new [`KeyBindingJwtClaims`]. -When `issued_at` is left as None, it will automatically default to the current time. - -# Error -When `issued_at` is set to `None` and the system returns time earlier than `SystemTime::UNIX_EPOCH`. - - -| Param | Type | -| --- | --- | -| jwt | string | -| disclosures | Array.<string> | -| nonce | string | -| aud | string | -| [issued_at] | [Timestamp](#Timestamp) \| undefined | -| [custom_properties] | Record.<string, any> \| undefined | - - - -### keyBindingJwtClaims.toString() ⇒ string -Returns a string representation of the claims. - -**Kind**: instance method of [KeyBindingJwtClaims](#KeyBindingJwtClaims) - - -### keyBindingJwtClaims.iat() ⇒ bigint -Returns a copy of the issued at `iat` property. - -**Kind**: instance method of [KeyBindingJwtClaims](#KeyBindingJwtClaims) - - -### keyBindingJwtClaims.aud() ⇒ string -Returns a copy of the audience `aud` property. - -**Kind**: instance method of [KeyBindingJwtClaims](#KeyBindingJwtClaims) - - -### keyBindingJwtClaims.nonce() ⇒ string -Returns a copy of the `nonce` property. - -**Kind**: instance method of [KeyBindingJwtClaims](#KeyBindingJwtClaims) - - -### keyBindingJwtClaims.sdHash() ⇒ string -Returns a copy of the `sd_hash` property. - -**Kind**: instance method of [KeyBindingJwtClaims](#KeyBindingJwtClaims) - - -### keyBindingJwtClaims.customProperties() ⇒ Record.<string, any> -Returns a copy of the custom properties. - -**Kind**: instance method of [KeyBindingJwtClaims](#KeyBindingJwtClaims) - - -### keyBindingJwtClaims.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [KeyBindingJwtClaims](#KeyBindingJwtClaims) - - -### keyBindingJwtClaims.clone() ⇒ [KeyBindingJwtClaims](#KeyBindingJwtClaims) -Deep clones the object. - -**Kind**: instance method of [KeyBindingJwtClaims](#KeyBindingJwtClaims) - - -### KeyBindingJwtClaims.keyBindingJwtHeaderTyp() ⇒ string -Returns the value of the `typ` property of the JWT header according to -https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-07.html#name-key-binding-jwt - -**Kind**: static method of [KeyBindingJwtClaims](#KeyBindingJwtClaims) - - -### KeyBindingJwtClaims.fromJSON(json) ⇒ [KeyBindingJwtClaims](#KeyBindingJwtClaims) -Deserializes an instance from a JSON object. - -**Kind**: static method of [KeyBindingJwtClaims](#KeyBindingJwtClaims) - -| Param | Type | -| --- | --- | -| json | any | - - - -## LinkedDomainService -**Kind**: global class - -* [LinkedDomainService](#LinkedDomainService) - * [new LinkedDomainService(options)](#new_LinkedDomainService_new) - * _instance_ - * [.domains()](#LinkedDomainService+domains) ⇒ Array.<string> - * [.toService()](#LinkedDomainService+toService) ⇒ [Service](#Service) - * [.clone()](#LinkedDomainService+clone) ⇒ [LinkedDomainService](#LinkedDomainService) - * _static_ - * [.fromService(service)](#LinkedDomainService.fromService) ⇒ [LinkedDomainService](#LinkedDomainService) - * [.isValid(service)](#LinkedDomainService.isValid) ⇒ boolean - - - -### new LinkedDomainService(options) -Constructs a new [LinkedDomainService](#LinkedDomainService) that wraps a spec compliant [Linked Domain Service Endpoint](https://identity.foundation/.well-known/resources/did-configuration/#linked-domain-service-endpoint). - -Domain URLs must include the `https` scheme in order to pass the domain linkage validation. - - -| Param | Type | -| --- | --- | -| options | ILinkedDomainService | - - - -### linkedDomainService.domains() ⇒ Array.<string> -Returns the domains contained in the Linked Domain Service. - -**Kind**: instance method of [LinkedDomainService](#LinkedDomainService) - - -### linkedDomainService.toService() ⇒ [Service](#Service) -Returns the inner service which can be added to a DID Document. - -**Kind**: instance method of [LinkedDomainService](#LinkedDomainService) - - -### linkedDomainService.clone() ⇒ [LinkedDomainService](#LinkedDomainService) -Deep clones the object. - -**Kind**: instance method of [LinkedDomainService](#LinkedDomainService) - - -### LinkedDomainService.fromService(service) ⇒ [LinkedDomainService](#LinkedDomainService) -Creates a new [LinkedDomainService](#LinkedDomainService) from a [Service](#Service). - -# Error - -Errors if `service` is not a valid Linked Domain Service. - -**Kind**: static method of [LinkedDomainService](#LinkedDomainService) - -| Param | Type | -| --- | --- | -| service | [Service](#Service) | - - - -### LinkedDomainService.isValid(service) ⇒ boolean -Returns `true` if a [Service](#Service) is a valid Linked Domain Service. - -**Kind**: static method of [LinkedDomainService](#LinkedDomainService) - -| Param | Type | -| --- | --- | -| service | [Service](#Service) | - - - -## MethodData -Supported verification method data formats. - -**Kind**: global class - -* [MethodData](#MethodData) - * _instance_ - * [.tryCustom()](#MethodData+tryCustom) ⇒ [CustomMethodData](#CustomMethodData) - * [.tryDecode()](#MethodData+tryDecode) ⇒ Uint8Array - * [.tryPublicKeyJwk()](#MethodData+tryPublicKeyJwk) ⇒ [Jwk](#Jwk) - * [.toJSON()](#MethodData+toJSON) ⇒ any - * [.clone()](#MethodData+clone) ⇒ [MethodData](#MethodData) - * _static_ - * [.newBase58(data)](#MethodData.newBase58) ⇒ [MethodData](#MethodData) - * [.newMultibase(data)](#MethodData.newMultibase) ⇒ [MethodData](#MethodData) - * [.newJwk(key)](#MethodData.newJwk) ⇒ [MethodData](#MethodData) - * [.newCustom(name, data)](#MethodData.newCustom) ⇒ [MethodData](#MethodData) - * [.fromJSON(json)](#MethodData.fromJSON) ⇒ [MethodData](#MethodData) - - - -### methodData.tryCustom() ⇒ [CustomMethodData](#CustomMethodData) -Returns the wrapped custom method data format is `Custom`. - -**Kind**: instance method of [MethodData](#MethodData) - - -### methodData.tryDecode() ⇒ Uint8Array -Returns a `Uint8Array` containing the decoded bytes of the [MethodData](#MethodData). - -This is generally a public key identified by a [MethodData](#MethodData) value. - -### Errors -Decoding can fail if [MethodData](#MethodData) has invalid content or cannot be -represented as a vector of bytes. - -**Kind**: instance method of [MethodData](#MethodData) - - -### methodData.tryPublicKeyJwk() ⇒ [Jwk](#Jwk) -Returns the wrapped [Jwk](#Jwk) if the format is `PublicKeyJwk`. - -**Kind**: instance method of [MethodData](#MethodData) - - -### methodData.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [MethodData](#MethodData) - - -### methodData.clone() ⇒ [MethodData](#MethodData) -Deep clones the object. - -**Kind**: instance method of [MethodData](#MethodData) - - -### MethodData.newBase58(data) ⇒ [MethodData](#MethodData) -Creates a new [MethodData](#MethodData) variant with Base58-BTC encoded content. - -**Kind**: static method of [MethodData](#MethodData) - -| Param | Type | -| --- | --- | -| data | Uint8Array | - - - -### MethodData.newMultibase(data) ⇒ [MethodData](#MethodData) -Creates a new [MethodData](#MethodData) variant with Multibase-encoded content. - -**Kind**: static method of [MethodData](#MethodData) - -| Param | Type | -| --- | --- | -| data | Uint8Array | - - - -### MethodData.newJwk(key) ⇒ [MethodData](#MethodData) -Creates a new [MethodData](#MethodData) variant consisting of the given `key`. - -### Errors -An error is thrown if the given `key` contains any private components. - -**Kind**: static method of [MethodData](#MethodData) - -| Param | Type | -| --- | --- | -| key | [Jwk](#Jwk) | - - - -### MethodData.newCustom(name, data) ⇒ [MethodData](#MethodData) -Creates a new custom [MethodData](#MethodData). - -**Kind**: static method of [MethodData](#MethodData) - -| Param | Type | -| --- | --- | -| name | string | -| data | any | - - - -### MethodData.fromJSON(json) ⇒ [MethodData](#MethodData) -Deserializes an instance from a JSON object. - -**Kind**: static method of [MethodData](#MethodData) - -| Param | Type | -| --- | --- | -| json | any | - - - -## MethodDigest -Unique identifier of a [VerificationMethod](#VerificationMethod). - -NOTE: -This class does not have a JSON representation, -use the methods `pack` and `unpack` instead. - -**Kind**: global class - -* [MethodDigest](#MethodDigest) - * [new MethodDigest(verification_method)](#new_MethodDigest_new) - * _instance_ - * [.pack()](#MethodDigest+pack) ⇒ Uint8Array - * [.clone()](#MethodDigest+clone) ⇒ [MethodDigest](#MethodDigest) - * _static_ - * [.unpack(bytes)](#MethodDigest.unpack) ⇒ [MethodDigest](#MethodDigest) - - - -### new MethodDigest(verification_method) - -| Param | Type | -| --- | --- | -| verification_method | [VerificationMethod](#VerificationMethod) | - - - -### methodDigest.pack() ⇒ Uint8Array -Packs [MethodDigest](#MethodDigest) into bytes. - -**Kind**: instance method of [MethodDigest](#MethodDigest) - - -### methodDigest.clone() ⇒ [MethodDigest](#MethodDigest) -Deep clones the object. - -**Kind**: instance method of [MethodDigest](#MethodDigest) - - -### MethodDigest.unpack(bytes) ⇒ [MethodDigest](#MethodDigest) -Unpacks bytes into [MethodDigest](#MethodDigest). - -**Kind**: static method of [MethodDigest](#MethodDigest) - -| Param | Type | -| --- | --- | -| bytes | Uint8Array | - - - -## MethodScope -Supported verification method types. - -**Kind**: global class - -* [MethodScope](#MethodScope) - * _instance_ - * [.toString()](#MethodScope+toString) ⇒ string - * [.toJSON()](#MethodScope+toJSON) ⇒ any - * [.clone()](#MethodScope+clone) ⇒ [MethodScope](#MethodScope) - * _static_ - * [.VerificationMethod()](#MethodScope.VerificationMethod) ⇒ [MethodScope](#MethodScope) - * [.Authentication()](#MethodScope.Authentication) ⇒ [MethodScope](#MethodScope) - * [.AssertionMethod()](#MethodScope.AssertionMethod) ⇒ [MethodScope](#MethodScope) - * [.KeyAgreement()](#MethodScope.KeyAgreement) ⇒ [MethodScope](#MethodScope) - * [.CapabilityDelegation()](#MethodScope.CapabilityDelegation) ⇒ [MethodScope](#MethodScope) - * [.CapabilityInvocation()](#MethodScope.CapabilityInvocation) ⇒ [MethodScope](#MethodScope) - * [.fromJSON(json)](#MethodScope.fromJSON) ⇒ [MethodScope](#MethodScope) - - - -### methodScope.toString() ⇒ string -Returns the [MethodScope](#MethodScope) as a string. - -**Kind**: instance method of [MethodScope](#MethodScope) - - -### methodScope.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [MethodScope](#MethodScope) - - -### methodScope.clone() ⇒ [MethodScope](#MethodScope) -Deep clones the object. - -**Kind**: instance method of [MethodScope](#MethodScope) - - -### MethodScope.VerificationMethod() ⇒ [MethodScope](#MethodScope) -**Kind**: static method of [MethodScope](#MethodScope) - - -### MethodScope.Authentication() ⇒ [MethodScope](#MethodScope) -**Kind**: static method of [MethodScope](#MethodScope) - - -### MethodScope.AssertionMethod() ⇒ [MethodScope](#MethodScope) -**Kind**: static method of [MethodScope](#MethodScope) - - -### MethodScope.KeyAgreement() ⇒ [MethodScope](#MethodScope) -**Kind**: static method of [MethodScope](#MethodScope) - - -### MethodScope.CapabilityDelegation() ⇒ [MethodScope](#MethodScope) -**Kind**: static method of [MethodScope](#MethodScope) - - -### MethodScope.CapabilityInvocation() ⇒ [MethodScope](#MethodScope) -**Kind**: static method of [MethodScope](#MethodScope) - - -### MethodScope.fromJSON(json) ⇒ [MethodScope](#MethodScope) -Deserializes an instance from a JSON object. - -**Kind**: static method of [MethodScope](#MethodScope) - -| Param | Type | -| --- | --- | -| json | any | - - - -## MethodType -Supported verification method types. - -**Kind**: global class - -* [MethodType](#MethodType) - * _instance_ - * [.toString()](#MethodType+toString) ⇒ string - * [.toJSON()](#MethodType+toJSON) ⇒ any - * [.clone()](#MethodType+clone) ⇒ [MethodType](#MethodType) - * _static_ - * [.Ed25519VerificationKey2018()](#MethodType.Ed25519VerificationKey2018) ⇒ [MethodType](#MethodType) - * [.X25519KeyAgreementKey2019()](#MethodType.X25519KeyAgreementKey2019) ⇒ [MethodType](#MethodType) - * ~~[.JsonWebKey()](#MethodType.JsonWebKey)~~ - * [.JsonWebKey2020()](#MethodType.JsonWebKey2020) ⇒ [MethodType](#MethodType) - * [.custom(type_)](#MethodType.custom) ⇒ [MethodType](#MethodType) - * [.fromJSON(json)](#MethodType.fromJSON) ⇒ [MethodType](#MethodType) - - - -### methodType.toString() ⇒ string -Returns the [MethodType](#MethodType) as a string. - -**Kind**: instance method of [MethodType](#MethodType) - - -### methodType.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [MethodType](#MethodType) - - -### methodType.clone() ⇒ [MethodType](#MethodType) -Deep clones the object. - -**Kind**: instance method of [MethodType](#MethodType) - - -### MethodType.Ed25519VerificationKey2018() ⇒ [MethodType](#MethodType) -**Kind**: static method of [MethodType](#MethodType) - - -### MethodType.X25519KeyAgreementKey2019() ⇒ [MethodType](#MethodType) -**Kind**: static method of [MethodType](#MethodType) - - -### ~~MethodType.JsonWebKey()~~ -***Deprecated*** - -**Kind**: static method of [MethodType](#MethodType) - - -### MethodType.JsonWebKey2020() ⇒ [MethodType](#MethodType) -A verification method for use with JWT verification as prescribed by the [Jwk](#Jwk) -in the `publicKeyJwk` entry. - -**Kind**: static method of [MethodType](#MethodType) - - -### MethodType.custom(type_) ⇒ [MethodType](#MethodType) -A custom method. - -**Kind**: static method of [MethodType](#MethodType) - -| Param | Type | -| --- | --- | -| type_ | string | - - - -### MethodType.fromJSON(json) ⇒ [MethodType](#MethodType) -Deserializes an instance from a JSON object. - -**Kind**: static method of [MethodType](#MethodType) - -| Param | Type | -| --- | --- | -| json | any | - - - -## PayloadEntry -**Kind**: global class - -* [PayloadEntry](#PayloadEntry) - * [.1](#PayloadEntry+1) ⇒ [PayloadType](#PayloadType) - * [.1](#PayloadEntry+1) - * [.value](#PayloadEntry+value) - * [.value](#PayloadEntry+value) ⇒ any - - - -### payloadEntry.1 ⇒ [PayloadType](#PayloadType) -**Kind**: instance property of [PayloadEntry](#PayloadEntry) - - -### payloadEntry.1 -**Kind**: instance property of [PayloadEntry](#PayloadEntry) - -| Param | Type | -| --- | --- | -| arg0 | [PayloadType](#PayloadType) | - - - -### payloadEntry.value -**Kind**: instance property of [PayloadEntry](#PayloadEntry) - -| Param | Type | -| --- | --- | -| value | any | - - - -### payloadEntry.value ⇒ any -**Kind**: instance property of [PayloadEntry](#PayloadEntry) - - -## Payloads -**Kind**: global class - -* [Payloads](#Payloads) - * [new Payloads(entries)](#new_Payloads_new) - * _instance_ - * [.toJSON()](#Payloads+toJSON) ⇒ any - * [.clone()](#Payloads+clone) ⇒ [Payloads](#Payloads) - * [.getValues()](#Payloads+getValues) ⇒ Array.<any> - * [.getUndisclosedIndexes()](#Payloads+getUndisclosedIndexes) ⇒ Uint32Array - * [.getDisclosedIndexes()](#Payloads+getDisclosedIndexes) ⇒ Uint32Array - * [.getUndisclosedPayloads()](#Payloads+getUndisclosedPayloads) ⇒ Array.<any> - * [.getDisclosedPayloads()](#Payloads+getDisclosedPayloads) ⇒ [Payloads](#Payloads) - * [.setUndisclosed(index)](#Payloads+setUndisclosed) - * [.replacePayloadAtIndex(index, value)](#Payloads+replacePayloadAtIndex) ⇒ any - * _static_ - * [.fromJSON(json)](#Payloads.fromJSON) ⇒ [Payloads](#Payloads) - * [.newFromValues(values)](#Payloads.newFromValues) ⇒ [Payloads](#Payloads) - - - -### new Payloads(entries) - -| Param | Type | -| --- | --- | -| entries | [Array.<PayloadEntry>](#PayloadEntry) | - - - -### payloads.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [Payloads](#Payloads) - - -### payloads.clone() ⇒ [Payloads](#Payloads) -Deep clones the object. - -**Kind**: instance method of [Payloads](#Payloads) - - -### payloads.getValues() ⇒ Array.<any> -**Kind**: instance method of [Payloads](#Payloads) - - -### payloads.getUndisclosedIndexes() ⇒ Uint32Array -**Kind**: instance method of [Payloads](#Payloads) - - -### payloads.getDisclosedIndexes() ⇒ Uint32Array -**Kind**: instance method of [Payloads](#Payloads) - - -### payloads.getUndisclosedPayloads() ⇒ Array.<any> -**Kind**: instance method of [Payloads](#Payloads) - - -### payloads.getDisclosedPayloads() ⇒ [Payloads](#Payloads) -**Kind**: instance method of [Payloads](#Payloads) - - -### payloads.setUndisclosed(index) -**Kind**: instance method of [Payloads](#Payloads) - -| Param | Type | -| --- | --- | -| index | number | - - - -### payloads.replacePayloadAtIndex(index, value) ⇒ any -**Kind**: instance method of [Payloads](#Payloads) - -| Param | Type | -| --- | --- | -| index | number | -| value | any | - - - -### Payloads.fromJSON(json) ⇒ [Payloads](#Payloads) -Deserializes an instance from a JSON object. - -**Kind**: static method of [Payloads](#Payloads) - -| Param | Type | -| --- | --- | -| json | any | - - - -### Payloads.newFromValues(values) ⇒ [Payloads](#Payloads) -**Kind**: static method of [Payloads](#Payloads) - -| Param | Type | -| --- | --- | -| values | Array.<any> | - - - -## Presentation -**Kind**: global class - -* [Presentation](#Presentation) - * [new Presentation(values)](#new_Presentation_new) - * _instance_ - * [.context()](#Presentation+context) ⇒ Array.<(string\|Record.<string, any>)> - * [.id()](#Presentation+id) ⇒ string \| undefined - * [.type()](#Presentation+type) ⇒ Array.<string> - * [.verifiableCredential()](#Presentation+verifiableCredential) ⇒ [Array.<UnknownCredential>](#UnknownCredential) - * [.holder()](#Presentation+holder) ⇒ string - * [.refreshService()](#Presentation+refreshService) ⇒ Array.<RefreshService> - * [.termsOfUse()](#Presentation+termsOfUse) ⇒ Array.<Policy> - * [.proof()](#Presentation+proof) ⇒ [Proof](#Proof) \| undefined - * [.setProof([proof])](#Presentation+setProof) - * [.properties()](#Presentation+properties) ⇒ Map.<string, any> - * [.toJSON()](#Presentation+toJSON) ⇒ any - * [.clone()](#Presentation+clone) ⇒ [Presentation](#Presentation) - * _static_ - * [.BaseContext()](#Presentation.BaseContext) ⇒ string - * [.BaseType()](#Presentation.BaseType) ⇒ string - * [.fromJSON(json)](#Presentation.fromJSON) ⇒ [Presentation](#Presentation) - - - -### new Presentation(values) -Constructs a new presentation. - - -| Param | Type | -| --- | --- | -| values | IPresentation | - - - -### presentation.context() ⇒ Array.<(string\|Record.<string, any>)> -Returns a copy of the JSON-LD context(s) applicable to the presentation. - -**Kind**: instance method of [Presentation](#Presentation) - - -### presentation.id() ⇒ string \| undefined -Returns a copy of the unique `URI` identifying the presentation. - -**Kind**: instance method of [Presentation](#Presentation) - - -### presentation.type() ⇒ Array.<string> -Returns a copy of the URIs defining the type of the presentation. - -**Kind**: instance method of [Presentation](#Presentation) - - -### presentation.verifiableCredential() ⇒ [Array.<UnknownCredential>](#UnknownCredential) -Returns the JWT credentials expressing the claims of the presentation. - -**Kind**: instance method of [Presentation](#Presentation) - - -### presentation.holder() ⇒ string -Returns a copy of the URI of the entity that generated the presentation. - -**Kind**: instance method of [Presentation](#Presentation) - - -### presentation.refreshService() ⇒ Array.<RefreshService> -Returns a copy of the service(s) used to refresh an expired [Credential](#Credential) in the presentation. - -**Kind**: instance method of [Presentation](#Presentation) - - -### presentation.termsOfUse() ⇒ Array.<Policy> -Returns a copy of the terms-of-use specified by the presentation holder - -**Kind**: instance method of [Presentation](#Presentation) - - -### presentation.proof() ⇒ [Proof](#Proof) \| undefined -Optional cryptographic proof, unrelated to JWT. - -**Kind**: instance method of [Presentation](#Presentation) - - -### presentation.setProof([proof]) -Sets the proof property of the [Presentation](#Presentation). - -Note that this proof is not related to JWT. - -**Kind**: instance method of [Presentation](#Presentation) - -| Param | Type | -| --- | --- | -| [proof] | [Proof](#Proof) \| undefined | - - - -### presentation.properties() ⇒ Map.<string, any> -Returns a copy of the miscellaneous properties on the presentation. - -**Kind**: instance method of [Presentation](#Presentation) - - -### presentation.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [Presentation](#Presentation) - - -### presentation.clone() ⇒ [Presentation](#Presentation) -Deep clones the object. - -**Kind**: instance method of [Presentation](#Presentation) - - -### Presentation.BaseContext() ⇒ string -Returns the base JSON-LD context. - -**Kind**: static method of [Presentation](#Presentation) - - -### Presentation.BaseType() ⇒ string -Returns the base type. - -**Kind**: static method of [Presentation](#Presentation) - - -### Presentation.fromJSON(json) ⇒ [Presentation](#Presentation) -Deserializes an instance from a JSON object. - -**Kind**: static method of [Presentation](#Presentation) - -| Param | Type | -| --- | --- | -| json | any | - - - -## PresentationProtectedHeader -**Kind**: global class - -* [PresentationProtectedHeader](#PresentationProtectedHeader) - * [.alg](#PresentationProtectedHeader+alg) ⇒ [PresentationProofAlgorithm](#PresentationProofAlgorithm) - * [.alg](#PresentationProtectedHeader+alg) - * [.kid](#PresentationProtectedHeader+kid) ⇒ string \| undefined - * [.kid](#PresentationProtectedHeader+kid) - * [.aud](#PresentationProtectedHeader+aud) ⇒ string \| undefined - * [.aud](#PresentationProtectedHeader+aud) - * [.nonce](#PresentationProtectedHeader+nonce) ⇒ string \| undefined - * [.nonce](#PresentationProtectedHeader+nonce) - - - -### presentationProtectedHeader.alg ⇒ [PresentationProofAlgorithm](#PresentationProofAlgorithm) -**Kind**: instance property of [PresentationProtectedHeader](#PresentationProtectedHeader) - - -### presentationProtectedHeader.alg -**Kind**: instance property of [PresentationProtectedHeader](#PresentationProtectedHeader) - -| Param | Type | -| --- | --- | -| arg0 | [PresentationProofAlgorithm](#PresentationProofAlgorithm) | - - - -### presentationProtectedHeader.kid ⇒ string \| undefined -ID for the key used for the JWP. - -**Kind**: instance property of [PresentationProtectedHeader](#PresentationProtectedHeader) - - -### presentationProtectedHeader.kid -ID for the key used for the JWP. - -**Kind**: instance property of [PresentationProtectedHeader](#PresentationProtectedHeader) - -| Param | Type | -| --- | --- | -| [arg0] | string \| undefined | - - - -### presentationProtectedHeader.aud ⇒ string \| undefined -Who have received the JPT. - -**Kind**: instance property of [PresentationProtectedHeader](#PresentationProtectedHeader) - - -### presentationProtectedHeader.aud -Who have received the JPT. - -**Kind**: instance property of [PresentationProtectedHeader](#PresentationProtectedHeader) - -| Param | Type | -| --- | --- | -| [arg0] | string \| undefined | - - - -### presentationProtectedHeader.nonce ⇒ string \| undefined -For replay attacks. - -**Kind**: instance property of [PresentationProtectedHeader](#PresentationProtectedHeader) - - -### presentationProtectedHeader.nonce -For replay attacks. - -**Kind**: instance property of [PresentationProtectedHeader](#PresentationProtectedHeader) - -| Param | Type | -| --- | --- | -| [arg0] | string \| undefined | - - - -## Proof -Represents a cryptographic proof that can be used to validate verifiable credentials and -presentations. - -This representation does not inherently implement any standard; instead, it -can be utilized to implement standards or user-defined proofs. The presence of the -`type` field is necessary to accommodate different types of cryptographic proofs. - -Note that this proof is not related to JWT and can be used in combination or as an alternative -to it. - -**Kind**: global class - -* [Proof](#Proof) - * [new Proof(type_, properties)](#new_Proof_new) - * _instance_ - * [.type()](#Proof+type) ⇒ string - * [.properties()](#Proof+properties) ⇒ any - * [.toJSON()](#Proof+toJSON) ⇒ any - * [.clone()](#Proof+clone) ⇒ [Proof](#Proof) - * _static_ - * [.fromJSON(json)](#Proof.fromJSON) ⇒ [Proof](#Proof) - - - -### new Proof(type_, properties) - -| Param | Type | -| --- | --- | -| type_ | string | -| properties | any | - - - -### proof.type() ⇒ string -Returns the type of proof. - -**Kind**: instance method of [Proof](#Proof) - - -### proof.properties() ⇒ any -Returns the properties of the proof. - -**Kind**: instance method of [Proof](#Proof) - - -### proof.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [Proof](#Proof) - - -### proof.clone() ⇒ [Proof](#Proof) -Deep clones the object. - -**Kind**: instance method of [Proof](#Proof) - - -### Proof.fromJSON(json) ⇒ [Proof](#Proof) -Deserializes an instance from a JSON object. - -**Kind**: static method of [Proof](#Proof) - -| Param | Type | -| --- | --- | -| json | any | - - - -## ProofUpdateCtx -**Kind**: global class - -* [ProofUpdateCtx](#ProofUpdateCtx) - * [.old_start_validity_timeframe](#ProofUpdateCtx+old_start_validity_timeframe) ⇒ Uint8Array - * [.old_start_validity_timeframe](#ProofUpdateCtx+old_start_validity_timeframe) - * [.new_start_validity_timeframe](#ProofUpdateCtx+new_start_validity_timeframe) ⇒ Uint8Array - * [.new_start_validity_timeframe](#ProofUpdateCtx+new_start_validity_timeframe) - * [.old_end_validity_timeframe](#ProofUpdateCtx+old_end_validity_timeframe) ⇒ Uint8Array - * [.old_end_validity_timeframe](#ProofUpdateCtx+old_end_validity_timeframe) - * [.new_end_validity_timeframe](#ProofUpdateCtx+new_end_validity_timeframe) ⇒ Uint8Array - * [.new_end_validity_timeframe](#ProofUpdateCtx+new_end_validity_timeframe) - * [.index_start_validity_timeframe](#ProofUpdateCtx+index_start_validity_timeframe) ⇒ number - * [.index_start_validity_timeframe](#ProofUpdateCtx+index_start_validity_timeframe) - * [.index_end_validity_timeframe](#ProofUpdateCtx+index_end_validity_timeframe) ⇒ number - * [.index_end_validity_timeframe](#ProofUpdateCtx+index_end_validity_timeframe) - * [.number_of_signed_messages](#ProofUpdateCtx+number_of_signed_messages) ⇒ number - * [.number_of_signed_messages](#ProofUpdateCtx+number_of_signed_messages) - - - -### proofUpdateCtx.old\_start\_validity\_timeframe ⇒ Uint8Array -Old `startValidityTimeframe` value - -**Kind**: instance property of [ProofUpdateCtx](#ProofUpdateCtx) - - -### proofUpdateCtx.old\_start\_validity\_timeframe -Old `startValidityTimeframe` value - -**Kind**: instance property of [ProofUpdateCtx](#ProofUpdateCtx) - -| Param | Type | -| --- | --- | -| arg0 | Uint8Array | - - - -### proofUpdateCtx.new\_start\_validity\_timeframe ⇒ Uint8Array -New `startValidityTimeframe` value to be signed - -**Kind**: instance property of [ProofUpdateCtx](#ProofUpdateCtx) - - -### proofUpdateCtx.new\_start\_validity\_timeframe -New `startValidityTimeframe` value to be signed - -**Kind**: instance property of [ProofUpdateCtx](#ProofUpdateCtx) - -| Param | Type | -| --- | --- | -| arg0 | Uint8Array | - - - -### proofUpdateCtx.old\_end\_validity\_timeframe ⇒ Uint8Array -Old `endValidityTimeframe` value - -**Kind**: instance property of [ProofUpdateCtx](#ProofUpdateCtx) - - -### proofUpdateCtx.old\_end\_validity\_timeframe -Old `endValidityTimeframe` value - -**Kind**: instance property of [ProofUpdateCtx](#ProofUpdateCtx) - -| Param | Type | -| --- | --- | -| arg0 | Uint8Array | - - - -### proofUpdateCtx.new\_end\_validity\_timeframe ⇒ Uint8Array -New `endValidityTimeframe` value to be signed - -**Kind**: instance property of [ProofUpdateCtx](#ProofUpdateCtx) - - -### proofUpdateCtx.new\_end\_validity\_timeframe -New `endValidityTimeframe` value to be signed - -**Kind**: instance property of [ProofUpdateCtx](#ProofUpdateCtx) - -| Param | Type | -| --- | --- | -| arg0 | Uint8Array | - - - -### proofUpdateCtx.index\_start\_validity\_timeframe ⇒ number -Index of `startValidityTimeframe` claim inside the array of Claims - -**Kind**: instance property of [ProofUpdateCtx](#ProofUpdateCtx) - - -### proofUpdateCtx.index\_start\_validity\_timeframe -Index of `startValidityTimeframe` claim inside the array of Claims - -**Kind**: instance property of [ProofUpdateCtx](#ProofUpdateCtx) - -| Param | Type | -| --- | --- | -| arg0 | number | - - - -### proofUpdateCtx.index\_end\_validity\_timeframe ⇒ number -Index of `endValidityTimeframe` claim inside the array of Claims - -**Kind**: instance property of [ProofUpdateCtx](#ProofUpdateCtx) - - -### proofUpdateCtx.index\_end\_validity\_timeframe -Index of `endValidityTimeframe` claim inside the array of Claims - -**Kind**: instance property of [ProofUpdateCtx](#ProofUpdateCtx) - -| Param | Type | -| --- | --- | -| arg0 | number | - - - -### proofUpdateCtx.number\_of\_signed\_messages ⇒ number -Number of signed messages, number of payloads in a JWP - -**Kind**: instance property of [ProofUpdateCtx](#ProofUpdateCtx) - - -### proofUpdateCtx.number\_of\_signed\_messages -Number of signed messages, number of payloads in a JWP - -**Kind**: instance property of [ProofUpdateCtx](#ProofUpdateCtx) - -| Param | Type | -| --- | --- | -| arg0 | number | - - - -## Resolver -Convenience type for resolving DID documents from different DID methods. - -Also provides methods for resolving DID Documents associated with -verifiable [Credential](#Credential)s and [Presentation](#Presentation)s. - -# Configuration - -The resolver will only be able to resolve DID documents for methods it has been configured for in the constructor. - -**Kind**: global class - -* [Resolver](#Resolver) - * [new Resolver(config)](#new_Resolver_new) - * [.resolve(did)](#Resolver+resolve) ⇒ Promise.<(CoreDocument\|IToCoreDocument)> - * [.resolveMultiple(dids)](#Resolver+resolveMultiple) ⇒ Promise.<Array.<(CoreDocument\|IToCoreDocument)>> - - - -### new Resolver(config) -Constructs a new [Resolver](#Resolver). - -# Errors -If both a `client` is given and the `handlers` map contains the "iota" key the construction process -will throw an error because the handler for the "iota" method then becomes ambiguous. - - -| Param | Type | -| --- | --- | -| config | ResolverConfig | - - - -### resolver.resolve(did) ⇒ Promise.<(CoreDocument\|IToCoreDocument)> -Fetches the DID Document of the given DID. - -### Errors - -Errors if the resolver has not been configured to handle the method -corresponding to the given DID or the resolution process itself fails. - -**Kind**: instance method of [Resolver](#Resolver) - -| Param | Type | -| --- | --- | -| did | string | - - - -### resolver.resolveMultiple(dids) ⇒ Promise.<Array.<(CoreDocument\|IToCoreDocument)>> -Concurrently fetches the DID Documents of the multiple given DIDs. - -# Errors -* If the resolver has not been configured to handle the method of any of the given DIDs. -* If the resolution process of any DID fails. - -## Note -* The order of the documents in the returned array matches that in `dids`. -* If `dids` contains duplicates, these will be resolved only once and the resolved document -is copied into the returned array to match the order of `dids`. - -**Kind**: instance method of [Resolver](#Resolver) - -| Param | Type | -| --- | --- | -| dids | Array.<string> | - - - -## RevocationBitmap -A compressed bitmap for managing credential revocation. - -**Kind**: global class - -* [RevocationBitmap](#RevocationBitmap) - * [new RevocationBitmap()](#new_RevocationBitmap_new) - * _instance_ - * [.isRevoked(index)](#RevocationBitmap+isRevoked) ⇒ boolean - * [.revoke(index)](#RevocationBitmap+revoke) ⇒ boolean - * [.unrevoke(index)](#RevocationBitmap+unrevoke) ⇒ boolean - * [.len()](#RevocationBitmap+len) ⇒ number - * [.toService(serviceId)](#RevocationBitmap+toService) ⇒ [Service](#Service) - * _static_ - * [.type()](#RevocationBitmap.type) ⇒ string - * [.fromEndpoint(service)](#RevocationBitmap.fromEndpoint) ⇒ [RevocationBitmap](#RevocationBitmap) - - - -### new RevocationBitmap() -Creates a new [RevocationBitmap](#RevocationBitmap) instance. - - - -### revocationBitmap.isRevoked(index) ⇒ boolean -Returns `true` if the credential at the given `index` is revoked. - -**Kind**: instance method of [RevocationBitmap](#RevocationBitmap) - -| Param | Type | -| --- | --- | -| index | number | - - - -### revocationBitmap.revoke(index) ⇒ boolean -Mark the given index as revoked. - -Returns true if the index was absent from the set. - -**Kind**: instance method of [RevocationBitmap](#RevocationBitmap) - -| Param | Type | -| --- | --- | -| index | number | - - - -### revocationBitmap.unrevoke(index) ⇒ boolean -Mark the index as not revoked. - -Returns true if the index was present in the set. - -**Kind**: instance method of [RevocationBitmap](#RevocationBitmap) - -| Param | Type | -| --- | --- | -| index | number | - - - -### revocationBitmap.len() ⇒ number -Returns the number of revoked credentials. - -**Kind**: instance method of [RevocationBitmap](#RevocationBitmap) - - -### revocationBitmap.toService(serviceId) ⇒ [Service](#Service) -Return a `Service` with: -- the service's id set to `serviceId`, -- of type `RevocationBitmap2022`, -- and with the bitmap embedded in a data url in the service's endpoint. - -**Kind**: instance method of [RevocationBitmap](#RevocationBitmap) - -| Param | Type | -| --- | --- | -| serviceId | [DIDUrl](#DIDUrl) | - - - -### RevocationBitmap.type() ⇒ string -The name of the service type. - -**Kind**: static method of [RevocationBitmap](#RevocationBitmap) - - -### RevocationBitmap.fromEndpoint(service) ⇒ [RevocationBitmap](#RevocationBitmap) -Try to construct a [RevocationBitmap](#RevocationBitmap) from a service -if it is a valid Revocation Bitmap Service. - -**Kind**: static method of [RevocationBitmap](#RevocationBitmap) - -| Param | Type | -| --- | --- | -| service | [Service](#Service) | - - - -## RevocationTimeframeStatus -Information used to determine the current status of a [Credential](#Credential). - -**Kind**: global class - -* [RevocationTimeframeStatus](#RevocationTimeframeStatus) - * [new RevocationTimeframeStatus(id, index, duration, [start_validity])](#new_RevocationTimeframeStatus_new) - * _instance_ - * [.clone()](#RevocationTimeframeStatus+clone) ⇒ [RevocationTimeframeStatus](#RevocationTimeframeStatus) - * [.toJSON()](#RevocationTimeframeStatus+toJSON) ⇒ any - * [.startValidityTimeframe()](#RevocationTimeframeStatus+startValidityTimeframe) ⇒ [Timestamp](#Timestamp) - * [.endValidityTimeframe()](#RevocationTimeframeStatus+endValidityTimeframe) ⇒ [Timestamp](#Timestamp) - * [.id()](#RevocationTimeframeStatus+id) ⇒ string - * [.index()](#RevocationTimeframeStatus+index) ⇒ number \| undefined - * _static_ - * [.fromJSON(json)](#RevocationTimeframeStatus.fromJSON) ⇒ [RevocationTimeframeStatus](#RevocationTimeframeStatus) - - - -### new RevocationTimeframeStatus(id, index, duration, [start_validity]) -Creates a new `RevocationTimeframeStatus`. - - -| Param | Type | -| --- | --- | -| id | string | -| index | number | -| duration | [Duration](#Duration) | -| [start_validity] | [Timestamp](#Timestamp) \| undefined | - - - -### revocationTimeframeStatus.clone() ⇒ [RevocationTimeframeStatus](#RevocationTimeframeStatus) -Deep clones the object. - -**Kind**: instance method of [RevocationTimeframeStatus](#RevocationTimeframeStatus) - - -### revocationTimeframeStatus.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [RevocationTimeframeStatus](#RevocationTimeframeStatus) - - -### revocationTimeframeStatus.startValidityTimeframe() ⇒ [Timestamp](#Timestamp) -Get startValidityTimeframe value. - -**Kind**: instance method of [RevocationTimeframeStatus](#RevocationTimeframeStatus) - - -### revocationTimeframeStatus.endValidityTimeframe() ⇒ [Timestamp](#Timestamp) -Get endValidityTimeframe value. - -**Kind**: instance method of [RevocationTimeframeStatus](#RevocationTimeframeStatus) - - -### revocationTimeframeStatus.id() ⇒ string -Return the URL fo the `RevocationBitmapStatus`. - -**Kind**: instance method of [RevocationTimeframeStatus](#RevocationTimeframeStatus) - - -### revocationTimeframeStatus.index() ⇒ number \| undefined -Return the index of the credential in the issuer's revocation bitmap - -**Kind**: instance method of [RevocationTimeframeStatus](#RevocationTimeframeStatus) - - -### RevocationTimeframeStatus.fromJSON(json) ⇒ [RevocationTimeframeStatus](#RevocationTimeframeStatus) -Deserializes an instance from a JSON object. - -**Kind**: static method of [RevocationTimeframeStatus](#RevocationTimeframeStatus) - -| Param | Type | -| --- | --- | -| json | any | - - - -## SdJwt -Representation of an SD-JWT of the format -`~~~...~~`. - -**Kind**: global class - -* [SdJwt](#SdJwt) - * [new SdJwt(jwt, disclosures, [key_binding_jwt])](#new_SdJwt_new) - * _instance_ - * [.presentation()](#SdJwt+presentation) ⇒ string - * [.toString()](#SdJwt+toString) ⇒ string - * [.jwt()](#SdJwt+jwt) ⇒ string - * [.disclosures()](#SdJwt+disclosures) ⇒ Array.<string> - * [.keyBindingJwt()](#SdJwt+keyBindingJwt) ⇒ string \| undefined - * [.clone()](#SdJwt+clone) ⇒ [SdJwt](#SdJwt) - * _static_ - * [.parse(sd_jwt)](#SdJwt.parse) ⇒ [SdJwt](#SdJwt) - - - -### new SdJwt(jwt, disclosures, [key_binding_jwt]) -Creates a new `SdJwt` from its components. - - -| Param | Type | -| --- | --- | -| jwt | string | -| disclosures | Array.<string> | -| [key_binding_jwt] | string \| undefined | - - - -### sdJwt.presentation() ⇒ string -Serializes the components into the final SD-JWT. - -**Kind**: instance method of [SdJwt](#SdJwt) - - -### sdJwt.toString() ⇒ string -Serializes the components into the final SD-JWT. - -**Kind**: instance method of [SdJwt](#SdJwt) - - -### sdJwt.jwt() ⇒ string -The JWT part. - -**Kind**: instance method of [SdJwt](#SdJwt) - - -### sdJwt.disclosures() ⇒ Array.<string> -The disclosures part. - -**Kind**: instance method of [SdJwt](#SdJwt) - - -### sdJwt.keyBindingJwt() ⇒ string \| undefined -The optional key binding JWT. - -**Kind**: instance method of [SdJwt](#SdJwt) - - -### sdJwt.clone() ⇒ [SdJwt](#SdJwt) -Deep clones the object. - -**Kind**: instance method of [SdJwt](#SdJwt) - - -### SdJwt.parse(sd_jwt) ⇒ [SdJwt](#SdJwt) -Parses an SD-JWT into its components as [`SdJwt`]. - -## Error -Returns `DeserializationError` if parsing fails. - -**Kind**: static method of [SdJwt](#SdJwt) - -| Param | Type | -| --- | --- | -| sd_jwt | string | - - - -## SdJwtCredentialValidator -A type for decoding and validating [Credential](#Credential). - -**Kind**: global class - -* [SdJwtCredentialValidator](#SdJwtCredentialValidator) - * [new SdJwtCredentialValidator(signatureVerifier)](#new_SdJwtCredentialValidator_new) - * [.validateCredential(sd_jwt, issuer, options, fail_fast)](#SdJwtCredentialValidator+validateCredential) ⇒ [DecodedJwtCredential](#DecodedJwtCredential) - * [.verifySignature(credential, trustedIssuers, options)](#SdJwtCredentialValidator+verifySignature) ⇒ [DecodedJwtCredential](#DecodedJwtCredential) - * [.validateKeyBindingJwt(sdJwt, holder, options)](#SdJwtCredentialValidator+validateKeyBindingJwt) ⇒ [KeyBindingJwtClaims](#KeyBindingJwtClaims) - - - -### new SdJwtCredentialValidator(signatureVerifier) -Creates a new `SdJwtCredentialValidator`. If a `signatureVerifier` is provided it will be used when -verifying decoded JWS signatures, otherwise the default which is only capable of handling the `EdDSA` -algorithm will be used. - - -| Param | Type | -| --- | --- | -| signatureVerifier | IJwsVerifier | - - - -### sdJwtCredentialValidator.validateCredential(sd_jwt, issuer, options, fail_fast) ⇒ [DecodedJwtCredential](#DecodedJwtCredential) -Decodes and validates a `Credential` issued as an SD-JWT. A `DecodedJwtCredential` is returned upon success. -The credential is constructed by replacing disclosures following the -[`Selective Disclosure for JWTs (SD-JWT)`](https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-07.html) standard. - -The following properties are validated according to `options`: -- the issuer's signature on the JWS, -- the expiration date, -- the issuance date, -- the semantic structure. - -# Warning -* The key binding JWT is not validated. If needed, it must be validated separately using -`SdJwtValidator::validate_key_binding_jwt`. -* The lack of an error returned from this method is in of itself not enough to conclude that the credential can be -trusted. This section contains more information on additional checks that should be carried out before and after -calling this method. - -## The state of the issuer's DID Document -The caller must ensure that `issuer` represents an up-to-date DID Document. - -## Properties that are not validated - There are many properties defined in [The Verifiable Credentials Data Model](https://www.w3.org/TR/vc-data-model/) that are **not** validated, such as: -`proof`, `credentialStatus`, `type`, `credentialSchema`, `refreshService` **and more**. -These should be manually checked after validation, according to your requirements. - -# Errors -An error is returned whenever a validated condition is not satisfied. - -**Kind**: instance method of [SdJwtCredentialValidator](#SdJwtCredentialValidator) - -| Param | Type | -| --- | --- | -| sd_jwt | [SdJwt](#SdJwt) | -| issuer | [CoreDocument](#CoreDocument) \| IToCoreDocument | -| options | [JwtCredentialValidationOptions](#JwtCredentialValidationOptions) | -| fail_fast | [FailFast](#FailFast) | - - - -### sdJwtCredentialValidator.verifySignature(credential, trustedIssuers, options) ⇒ [DecodedJwtCredential](#DecodedJwtCredential) -Decode and verify the JWS signature of a `Credential` issued as an SD-JWT using the DID Document of a trusted -issuer and replaces the disclosures. - -A `DecodedJwtCredential` is returned upon success. - -# Warning -The caller must ensure that the DID Documents of the trusted issuers are up-to-date. - -## Proofs - Only the JWS signature is verified. If the `Credential` contains a `proof` property this will not be verified -by this method. - -# Errors -* If the issuer' URL cannot be parsed. -* If Signature verification fails. -* If SD decoding fails. - -**Kind**: instance method of [SdJwtCredentialValidator](#SdJwtCredentialValidator) - -| Param | Type | -| --- | --- | -| credential | [SdJwt](#SdJwt) | -| trustedIssuers | Array.<(CoreDocument\|IToCoreDocument)> | -| options | [JwsVerificationOptions](#JwsVerificationOptions) | - - - -### sdJwtCredentialValidator.validateKeyBindingJwt(sdJwt, holder, options) ⇒ [KeyBindingJwtClaims](#KeyBindingJwtClaims) -Validates a Key Binding JWT (KB-JWT) according to `https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-07.html#name-key-binding-jwt`. -The Validation process includes: - * Signature validation using public key materials defined in the `holder` document. - * `typ` value in KB-JWT header. - * `sd_hash` claim value in the KB-JWT claim. - * Optional `nonce`, `aud` and issuance date validation. - -**Kind**: instance method of [SdJwtCredentialValidator](#SdJwtCredentialValidator) - -| Param | Type | -| --- | --- | -| sdJwt | [SdJwt](#SdJwt) | -| holder | [CoreDocument](#CoreDocument) \| IToCoreDocument | -| options | [KeyBindingJWTValidationOptions](#KeyBindingJWTValidationOptions) | - - - -## SdObjectDecoder -Substitutes digests in an SD-JWT object by their corresponding plaintext values provided by disclosures. - -**Kind**: global class - -* [SdObjectDecoder](#SdObjectDecoder) - * [new SdObjectDecoder()](#new_SdObjectDecoder_new) - * [.decode(object, disclosures)](#SdObjectDecoder+decode) ⇒ Record.<string, any> - - - -### new SdObjectDecoder() -Creates a new `SdObjectDecoder` with `sha-256` hasher. - - - -### sdObjectDecoder.decode(object, disclosures) ⇒ Record.<string, any> -Decodes an SD-JWT `object` containing by Substituting the digests with their corresponding -plaintext values provided by `disclosures`. - -## Notes -* Claims like `exp` or `iat` are not validated in the process of decoding. -* `_sd_alg` property will be removed if present. - -**Kind**: instance method of [SdObjectDecoder](#SdObjectDecoder) - -| Param | Type | -| --- | --- | -| object | Record.<string, any> | -| disclosures | Array.<string> | - - - -## SdObjectEncoder -Transforms a JSON object into an SD-JWT object by substituting selected values -with their corresponding disclosure digests. - -Note: digests are created using the sha-256 algorithm. - -**Kind**: global class - -* [SdObjectEncoder](#SdObjectEncoder) - * [new SdObjectEncoder(object)](#new_SdObjectEncoder_new) - * [.conceal(path, [salt])](#SdObjectEncoder+conceal) ⇒ [Disclosure](#Disclosure) - * [.addSdAlgProperty()](#SdObjectEncoder+addSdAlgProperty) - * [.encodeToString()](#SdObjectEncoder+encodeToString) ⇒ string - * [.toString()](#SdObjectEncoder+toString) ⇒ string - * [.encodeToObject()](#SdObjectEncoder+encodeToObject) ⇒ Record.<string, any> - * [.toJSON()](#SdObjectEncoder+toJSON) ⇒ any - * [.addDecoys(path, number_of_decoys)](#SdObjectEncoder+addDecoys) - - - -### new SdObjectEncoder(object) -Creates a new `SdObjectEncoder` with `sha-256` hash function. - - -| Param | Type | -| --- | --- | -| object | any | - - - -### sdObjectEncoder.conceal(path, [salt]) ⇒ [Disclosure](#Disclosure) -Substitutes a value with the digest of its disclosure. -If no salt is provided, the disclosure will be created with a random salt value. - -`path` indicates the pointer to the value that will be concealed using the syntax of -[JSON pointer](https://datatracker.ietf.org/doc/html/rfc6901). - -For the following object: - - ``` -{ - "id": "did:value", - "claim1": { - "abc": true - }, - "claim2": ["val_1", "val_2"] -} -``` - -Path "/id" conceals `"id": "did:value"` -Path "/claim1/abc" conceals `"abc": true` -Path "/claim2/0" conceals `val_1` -``` - -## Errors -* `InvalidPath` if pointer is invalid. -* `DataTypeMismatch` if existing SD format is invalid. - -**Kind**: instance method of [SdObjectEncoder](#SdObjectEncoder) - -| Param | Type | -| --- | --- | -| path | string | -| [salt] | string \| undefined | - - - -### sdObjectEncoder.addSdAlgProperty() -Adds the `_sd_alg` property to the top level of the object, with -its value set to "sha-256". - -**Kind**: instance method of [SdObjectEncoder](#SdObjectEncoder) - - -### sdObjectEncoder.encodeToString() ⇒ string -Returns the modified object as a string. - -**Kind**: instance method of [SdObjectEncoder](#SdObjectEncoder) - - -### sdObjectEncoder.toString() ⇒ string -Returns the modified object as a string. - -**Kind**: instance method of [SdObjectEncoder](#SdObjectEncoder) - - -### sdObjectEncoder.encodeToObject() ⇒ Record.<string, any> -Returns the modified object. - -**Kind**: instance method of [SdObjectEncoder](#SdObjectEncoder) - - -### sdObjectEncoder.toJSON() ⇒ any -Returns the modified object. - -**Kind**: instance method of [SdObjectEncoder](#SdObjectEncoder) - - -### sdObjectEncoder.addDecoys(path, number_of_decoys) -Adds a decoy digest to the specified path. -If path is an empty slice, decoys will be added to the top level. - -**Kind**: instance method of [SdObjectEncoder](#SdObjectEncoder) - -| Param | Type | -| --- | --- | -| path | string | -| number_of_decoys | number | - - - -## SelectiveDisclosurePresentation -Used to construct a JwpPresentedBuilder and handle the selective disclosure of attributes -- @context MUST NOT be blinded -- id MUST be blinded -- type MUST NOT be blinded -- issuer MUST NOT be blinded -- issuanceDate MUST be blinded (if Timeframe Revocation mechanism is used) -- expirationDate MUST be blinded (if Timeframe Revocation mechanism is used) -- credentialSubject (User have to choose which attribute must be blinded) -- credentialSchema MUST NOT be blinded -- credentialStatus MUST NOT be blinded -- refreshService MUST NOT be blinded (probably will be used for Timeslot Revocation mechanism) -- termsOfUse NO reason to use it in ZK VC (will be in any case blinded) -- evidence (User have to choose which attribute must be blinded) - -**Kind**: global class - -* [SelectiveDisclosurePresentation](#SelectiveDisclosurePresentation) - * [new SelectiveDisclosurePresentation(issued_jwp)](#new_SelectiveDisclosurePresentation_new) - * [.concealInSubject(path)](#SelectiveDisclosurePresentation+concealInSubject) - * [.concealInEvidence(path)](#SelectiveDisclosurePresentation+concealInEvidence) - * [.setPresentationHeader(header)](#SelectiveDisclosurePresentation+setPresentationHeader) - - - -### new SelectiveDisclosurePresentation(issued_jwp) -Initialize a presentation starting from an Issued JWP. -The properties `jti`, `nbf`, `issuanceDate`, `expirationDate` and `termsOfUse` are concealed by default. - - -| Param | Type | -| --- | --- | -| issued_jwp | [JwpIssued](#JwpIssued) | - - - -### selectiveDisclosurePresentation.concealInSubject(path) -Selectively disclose "credentialSubject" attributes. -# Example -``` -{ - "id": 1234, - "name": "Alice", - "mainCourses": ["Object-oriented Programming", "Mathematics"], - "degree": { - "type": "BachelorDegree", - "name": "Bachelor of Science and Arts", - }, - "GPA": "4.0", -} -``` -If you want to undisclose for example the Mathematics course and the name of the degree: -``` -undisclose_subject("mainCourses[1]"); -undisclose_subject("degree.name"); -``` - -**Kind**: instance method of [SelectiveDisclosurePresentation](#SelectiveDisclosurePresentation) - -| Param | Type | -| --- | --- | -| path | string | - - - -### selectiveDisclosurePresentation.concealInEvidence(path) -Undiscloses "evidence" attributes. - -**Kind**: instance method of [SelectiveDisclosurePresentation](#SelectiveDisclosurePresentation) - -| Param | Type | -| --- | --- | -| path | string | - - - -### selectiveDisclosurePresentation.setPresentationHeader(header) -Sets presentation protected header. - -**Kind**: instance method of [SelectiveDisclosurePresentation](#SelectiveDisclosurePresentation) - -| Param | Type | -| --- | --- | -| header | [PresentationProtectedHeader](#PresentationProtectedHeader) | - - - -## Service -A DID Document Service used to enable trusted interactions associated with a DID subject. - -**Kind**: global class - -* [Service](#Service) - * [new Service(service)](#new_Service_new) - * _instance_ - * [.id()](#Service+id) ⇒ [DIDUrl](#DIDUrl) - * [.type()](#Service+type) ⇒ Array.<string> - * [.serviceEndpoint()](#Service+serviceEndpoint) ⇒ string \| Array.<string> \| Map.<string, Array.<string>> - * [.properties()](#Service+properties) ⇒ Map.<string, any> - * [.toJSON()](#Service+toJSON) ⇒ any - * [.clone()](#Service+clone) ⇒ [Service](#Service) - * _static_ - * [.fromJSON(json)](#Service.fromJSON) ⇒ [Service](#Service) - - - -### new Service(service) - -| Param | Type | -| --- | --- | -| service | IService | - - - -### service.id() ⇒ [DIDUrl](#DIDUrl) -Returns a copy of the [Service](#Service) id. - -**Kind**: instance method of [Service](#Service) - - -### service.type() ⇒ Array.<string> -Returns a copy of the [Service](#Service) type. - -**Kind**: instance method of [Service](#Service) - - -### service.serviceEndpoint() ⇒ string \| Array.<string> \| Map.<string, Array.<string>> -Returns a copy of the [Service](#Service) endpoint. - -**Kind**: instance method of [Service](#Service) - - -### service.properties() ⇒ Map.<string, any> -Returns a copy of the custom properties on the [Service](#Service). - -**Kind**: instance method of [Service](#Service) - - -### service.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [Service](#Service) - - -### service.clone() ⇒ [Service](#Service) -Deep clones the object. - -**Kind**: instance method of [Service](#Service) - - -### Service.fromJSON(json) ⇒ [Service](#Service) -Deserializes an instance from a JSON object. - -**Kind**: static method of [Service](#Service) - -| Param | Type | -| --- | --- | -| json | any | - - - -## StatusList2021 -StatusList2021 data structure as described in [W3C's VC status list 2021](https://www.w3.org/TR/2023/WD-vc-status-list-20230427/). - -**Kind**: global class - -* [StatusList2021](#StatusList2021) - * [new StatusList2021([size])](#new_StatusList2021_new) - * _instance_ - * [.clone()](#StatusList2021+clone) ⇒ [StatusList2021](#StatusList2021) - * [.len()](#StatusList2021+len) ⇒ number - * [.get(index)](#StatusList2021+get) ⇒ boolean - * [.set(index, value)](#StatusList2021+set) - * [.intoEncodedStr()](#StatusList2021+intoEncodedStr) ⇒ string - * _static_ - * [.fromEncodedStr(s)](#StatusList2021.fromEncodedStr) ⇒ [StatusList2021](#StatusList2021) - - - -### new StatusList2021([size]) -Creates a new [StatusList2021](#StatusList2021) of `size` entries. - - -| Param | Type | -| --- | --- | -| [size] | number \| undefined | - - - -### statusList2021.clone() ⇒ [StatusList2021](#StatusList2021) -Deep clones the object. - -**Kind**: instance method of [StatusList2021](#StatusList2021) - - -### statusList2021.len() ⇒ number -Returns the number of entries in this [StatusList2021](#StatusList2021). - -**Kind**: instance method of [StatusList2021](#StatusList2021) - - -### statusList2021.get(index) ⇒ boolean -Returns whether the entry at `index` is set. - -**Kind**: instance method of [StatusList2021](#StatusList2021) - -| Param | Type | -| --- | --- | -| index | number | - - - -### statusList2021.set(index, value) -Sets the value of the `index`-th entry. - -**Kind**: instance method of [StatusList2021](#StatusList2021) - -| Param | Type | -| --- | --- | -| index | number | -| value | boolean | - - - -### statusList2021.intoEncodedStr() ⇒ string -Encodes this [StatusList2021](#StatusList2021) into its compressed -base64 string representation. - -**Kind**: instance method of [StatusList2021](#StatusList2021) - - -### StatusList2021.fromEncodedStr(s) ⇒ [StatusList2021](#StatusList2021) -Attempts to decode a [StatusList2021](#StatusList2021) from a string. - -**Kind**: static method of [StatusList2021](#StatusList2021) - -| Param | Type | -| --- | --- | -| s | string | - - - -## StatusList2021Credential -A parsed [StatusList2021Credential](https://www.w3.org/TR/2023/WD-vc-status-list-20230427/#statuslist2021credential). - -**Kind**: global class - -* [StatusList2021Credential](#StatusList2021Credential) - * [new StatusList2021Credential(credential)](#new_StatusList2021Credential_new) - * _instance_ - * [.id()](#StatusList2021Credential+id) ⇒ string - * [.setCredentialStatus(credential, index, revoked_or_suspended)](#StatusList2021Credential+setCredentialStatus) ⇒ [StatusList2021Entry](#StatusList2021Entry) - * [.purpose()](#StatusList2021Credential+purpose) ⇒ [StatusPurpose](#StatusPurpose) - * [.entry(index)](#StatusList2021Credential+entry) ⇒ [CredentialStatus](#CredentialStatus) - * [.clone()](#StatusList2021Credential+clone) ⇒ [StatusList2021Credential](#StatusList2021Credential) - * [.toJSON()](#StatusList2021Credential+toJSON) ⇒ any - * _static_ - * [.fromJSON(json)](#StatusList2021Credential.fromJSON) ⇒ [StatusList2021Credential](#StatusList2021Credential) - - - -### new StatusList2021Credential(credential) -Creates a new [StatusList2021Credential](#StatusList2021Credential). - - -| Param | Type | -| --- | --- | -| credential | [Credential](#Credential) | - - - -### statusList2021Credential.id() ⇒ string -**Kind**: instance method of [StatusList2021Credential](#StatusList2021Credential) - - -### statusList2021Credential.setCredentialStatus(credential, index, revoked_or_suspended) ⇒ [StatusList2021Entry](#StatusList2021Entry) -Sets the given credential's status using the `index`-th entry of this status list. -Returns the created `credentialStatus`. - -**Kind**: instance method of [StatusList2021Credential](#StatusList2021Credential) - -| Param | Type | -| --- | --- | -| credential | [Credential](#Credential) | -| index | number | -| revoked_or_suspended | boolean | - - - -### statusList2021Credential.purpose() ⇒ [StatusPurpose](#StatusPurpose) -Returns the [StatusPurpose](#StatusPurpose) of this [StatusList2021Credential](#StatusList2021Credential). - -**Kind**: instance method of [StatusList2021Credential](#StatusList2021Credential) - - -### statusList2021Credential.entry(index) ⇒ [CredentialStatus](#CredentialStatus) -Returns the state of the `index`-th entry, if any. - -**Kind**: instance method of [StatusList2021Credential](#StatusList2021Credential) - -| Param | Type | -| --- | --- | -| index | number | - - - -### statusList2021Credential.clone() ⇒ [StatusList2021Credential](#StatusList2021Credential) -**Kind**: instance method of [StatusList2021Credential](#StatusList2021Credential) - - -### statusList2021Credential.toJSON() ⇒ any -**Kind**: instance method of [StatusList2021Credential](#StatusList2021Credential) - - -### StatusList2021Credential.fromJSON(json) ⇒ [StatusList2021Credential](#StatusList2021Credential) -**Kind**: static method of [StatusList2021Credential](#StatusList2021Credential) - -| Param | Type | -| --- | --- | -| json | any | - - - -## StatusList2021CredentialBuilder -Builder type to construct valid [StatusList2021Credential](#StatusList2021Credential) istances. - -**Kind**: global class - -* [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder) - * [new StatusList2021CredentialBuilder([status_list])](#new_StatusList2021CredentialBuilder_new) - * [.purpose(purpose)](#StatusList2021CredentialBuilder+purpose) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder) - * [.subjectId(id)](#StatusList2021CredentialBuilder+subjectId) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder) - * [.expirationDate(time)](#StatusList2021CredentialBuilder+expirationDate) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder) - * [.issuer(issuer)](#StatusList2021CredentialBuilder+issuer) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder) - * [.context(context)](#StatusList2021CredentialBuilder+context) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder) - * [.type(t)](#StatusList2021CredentialBuilder+type) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder) - * [.proof(proof)](#StatusList2021CredentialBuilder+proof) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder) - * [.build()](#StatusList2021CredentialBuilder+build) ⇒ [StatusList2021Credential](#StatusList2021Credential) - - - -### new StatusList2021CredentialBuilder([status_list]) -Creates a new [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder). - - -| Param | Type | -| --- | --- | -| [status_list] | [StatusList2021](#StatusList2021) \| undefined | - - - -### statusList2021CredentialBuilder.purpose(purpose) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder) -Sets the purpose of the [StatusList2021Credential](#StatusList2021Credential) that is being created. - -**Kind**: instance method of [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder) - -| Param | Type | -| --- | --- | -| purpose | [StatusPurpose](#StatusPurpose) | - - - -### statusList2021CredentialBuilder.subjectId(id) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder) -Sets `credentialSubject.id`. - -**Kind**: instance method of [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder) - -| Param | Type | -| --- | --- | -| id | string | - - - -### statusList2021CredentialBuilder.expirationDate(time) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder) -Sets the expiration date of the credential. - -**Kind**: instance method of [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder) - -| Param | Type | -| --- | --- | -| time | [Timestamp](#Timestamp) | - - - -### statusList2021CredentialBuilder.issuer(issuer) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder) -Sets the issuer of the credential. - -**Kind**: instance method of [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder) - -| Param | Type | -| --- | --- | -| issuer | string | - - - -### statusList2021CredentialBuilder.context(context) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder) -Sets the context of the credential. - -**Kind**: instance method of [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder) - -| Param | Type | -| --- | --- | -| context | string | - - - -### statusList2021CredentialBuilder.type(t) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder) -Adds a credential type. - -**Kind**: instance method of [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder) - -| Param | Type | -| --- | --- | -| t | string | - - - -### statusList2021CredentialBuilder.proof(proof) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder) -Adds a credential's proof. - -**Kind**: instance method of [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder) - -| Param | Type | -| --- | --- | -| proof | [Proof](#Proof) | - - - -### statusList2021CredentialBuilder.build() ⇒ [StatusList2021Credential](#StatusList2021Credential) -Attempts to build a valid [StatusList2021Credential](#StatusList2021Credential) with the previously provided data. - -**Kind**: instance method of [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder) - - -## StatusList2021Entry -[StatusList2021Entry](https://www.w3.org/TR/2023/WD-vc-status-list-20230427/#statuslist2021entry) implementation. - -**Kind**: global class - -* [StatusList2021Entry](#StatusList2021Entry) - * [new StatusList2021Entry(status_list, purpose, index, [id])](#new_StatusList2021Entry_new) - * _instance_ - * [.id()](#StatusList2021Entry+id) ⇒ string - * [.purpose()](#StatusList2021Entry+purpose) ⇒ [StatusPurpose](#StatusPurpose) - * [.index()](#StatusList2021Entry+index) ⇒ number - * [.statusListCredential()](#StatusList2021Entry+statusListCredential) ⇒ string - * [.toStatus()](#StatusList2021Entry+toStatus) ⇒ Status - * [.clone()](#StatusList2021Entry+clone) ⇒ [StatusList2021Entry](#StatusList2021Entry) - * [.toJSON()](#StatusList2021Entry+toJSON) ⇒ any - * _static_ - * [.fromJSON(json)](#StatusList2021Entry.fromJSON) ⇒ [StatusList2021Entry](#StatusList2021Entry) - - - -### new StatusList2021Entry(status_list, purpose, index, [id]) -Creates a new [StatusList2021Entry](#StatusList2021Entry). - - -| Param | Type | -| --- | --- | -| status_list | string | -| purpose | [StatusPurpose](#StatusPurpose) | -| index | number | -| [id] | string \| undefined | - - - -### statusList2021Entry.id() ⇒ string -Returns this `credentialStatus`'s `id`. - -**Kind**: instance method of [StatusList2021Entry](#StatusList2021Entry) - - -### statusList2021Entry.purpose() ⇒ [StatusPurpose](#StatusPurpose) -Returns the purpose of this entry. - -**Kind**: instance method of [StatusList2021Entry](#StatusList2021Entry) - - -### statusList2021Entry.index() ⇒ number -Returns the index of this entry. - -**Kind**: instance method of [StatusList2021Entry](#StatusList2021Entry) - - -### statusList2021Entry.statusListCredential() ⇒ string -Returns the referenced [StatusList2021Credential](#StatusList2021Credential)'s url. - -**Kind**: instance method of [StatusList2021Entry](#StatusList2021Entry) - - -### statusList2021Entry.toStatus() ⇒ Status -Downcasts [this](this) to [Status](Status) - -**Kind**: instance method of [StatusList2021Entry](#StatusList2021Entry) - - -### statusList2021Entry.clone() ⇒ [StatusList2021Entry](#StatusList2021Entry) -Deep clones the object. - -**Kind**: instance method of [StatusList2021Entry](#StatusList2021Entry) - - -### statusList2021Entry.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [StatusList2021Entry](#StatusList2021Entry) - - -### StatusList2021Entry.fromJSON(json) ⇒ [StatusList2021Entry](#StatusList2021Entry) -Deserializes an instance from a JSON object. - -**Kind**: static method of [StatusList2021Entry](#StatusList2021Entry) - -| Param | Type | -| --- | --- | -| json | any | - - - -## Storage -A type wrapping a `JwkStorage` and `KeyIdStorage` that should always be used together when -working with storage backed DID documents. - -**Kind**: global class - -* [Storage](#Storage) - * [new Storage(jwkStorage, keyIdStorage)](#new_Storage_new) - * [.keyIdStorage()](#Storage+keyIdStorage) ⇒ KeyIdStorage - * [.keyStorage()](#Storage+keyStorage) ⇒ JwkStorage - - - -### new Storage(jwkStorage, keyIdStorage) -Constructs a new `Storage`. - - -| Param | Type | -| --- | --- | -| jwkStorage | JwkStorage | -| keyIdStorage | KeyIdStorage | - - - -### storage.keyIdStorage() ⇒ KeyIdStorage -Obtain the wrapped `KeyIdStorage`. - -**Kind**: instance method of [Storage](#Storage) - - -### storage.keyStorage() ⇒ JwkStorage -Obtain the wrapped `JwkStorage`. - -**Kind**: instance method of [Storage](#Storage) - - -## Timestamp -**Kind**: global class - -* [Timestamp](#Timestamp) - * [new Timestamp()](#new_Timestamp_new) - * _instance_ - * [.toRFC3339()](#Timestamp+toRFC3339) ⇒ string - * [.checkedAdd(duration)](#Timestamp+checkedAdd) ⇒ [Timestamp](#Timestamp) \| undefined - * [.checkedSub(duration)](#Timestamp+checkedSub) ⇒ [Timestamp](#Timestamp) \| undefined - * [.toJSON()](#Timestamp+toJSON) ⇒ any - * _static_ - * [.parse(input)](#Timestamp.parse) ⇒ [Timestamp](#Timestamp) - * [.nowUTC()](#Timestamp.nowUTC) ⇒ [Timestamp](#Timestamp) - * [.fromJSON(json)](#Timestamp.fromJSON) ⇒ [Timestamp](#Timestamp) - - - -### new Timestamp() -Creates a new [Timestamp](#Timestamp) with the current date and time. - - - -### timestamp.toRFC3339() ⇒ string -Returns the [Timestamp](#Timestamp) as an RFC 3339 `String`. - -**Kind**: instance method of [Timestamp](#Timestamp) - - -### timestamp.checkedAdd(duration) ⇒ [Timestamp](#Timestamp) \| undefined -Computes `self + duration` - -Returns `null` if the operation leads to a timestamp not in the valid range for [RFC 3339](https://tools.ietf.org/html/rfc3339). - -**Kind**: instance method of [Timestamp](#Timestamp) - -| Param | Type | -| --- | --- | -| duration | [Duration](#Duration) | - - - -### timestamp.checkedSub(duration) ⇒ [Timestamp](#Timestamp) \| undefined -Computes `self - duration` - -Returns `null` if the operation leads to a timestamp not in the valid range for [RFC 3339](https://tools.ietf.org/html/rfc3339). - -**Kind**: instance method of [Timestamp](#Timestamp) - -| Param | Type | -| --- | --- | -| duration | [Duration](#Duration) | - - - -### timestamp.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [Timestamp](#Timestamp) - - -### Timestamp.parse(input) ⇒ [Timestamp](#Timestamp) -Parses a [Timestamp](#Timestamp) from the provided input string. - -**Kind**: static method of [Timestamp](#Timestamp) - -| Param | Type | -| --- | --- | -| input | string | - - - -### Timestamp.nowUTC() ⇒ [Timestamp](#Timestamp) -Creates a new [Timestamp](#Timestamp) with the current date and time. - -**Kind**: static method of [Timestamp](#Timestamp) - - -### Timestamp.fromJSON(json) ⇒ [Timestamp](#Timestamp) -Deserializes an instance from a JSON object. - -**Kind**: static method of [Timestamp](#Timestamp) - -| Param | Type | -| --- | --- | -| json | any | - - - -## UnknownCredential -**Kind**: global class - -* [UnknownCredential](#UnknownCredential) - * _instance_ - * [.tryIntoJwt()](#UnknownCredential+tryIntoJwt) ⇒ [Jwt](#Jwt) \| undefined - * [.tryIntoCredential()](#UnknownCredential+tryIntoCredential) ⇒ [Credential](#Credential) \| undefined - * [.tryIntoRaw()](#UnknownCredential+tryIntoRaw) ⇒ Record.<string, any> \| undefined - * [.toJSON()](#UnknownCredential+toJSON) ⇒ any - * [.clone()](#UnknownCredential+clone) ⇒ [UnknownCredential](#UnknownCredential) - * _static_ - * [.fromJSON(json)](#UnknownCredential.fromJSON) ⇒ [UnknownCredential](#UnknownCredential) - - - -### unknownCredential.tryIntoJwt() ⇒ [Jwt](#Jwt) \| undefined -Returns a [Jwt](#Jwt) if the credential is of type string, `undefined` otherwise. - -**Kind**: instance method of [UnknownCredential](#UnknownCredential) - - -### unknownCredential.tryIntoCredential() ⇒ [Credential](#Credential) \| undefined -Returns a [Credential](#Credential) if the credential is of said type, `undefined` otherwise. - -**Kind**: instance method of [UnknownCredential](#UnknownCredential) - - -### unknownCredential.tryIntoRaw() ⇒ Record.<string, any> \| undefined -Returns the contained value as an Object, if it can be converted, `undefined` otherwise. - -**Kind**: instance method of [UnknownCredential](#UnknownCredential) - - -### unknownCredential.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [UnknownCredential](#UnknownCredential) - - -### unknownCredential.clone() ⇒ [UnknownCredential](#UnknownCredential) -Deep clones the object. - -**Kind**: instance method of [UnknownCredential](#UnknownCredential) - - -### UnknownCredential.fromJSON(json) ⇒ [UnknownCredential](#UnknownCredential) -Deserializes an instance from a JSON object. - -**Kind**: static method of [UnknownCredential](#UnknownCredential) - -| Param | Type | -| --- | --- | -| json | any | - - - -## VerificationMethod -A DID Document Verification Method. - -**Kind**: global class - -* [VerificationMethod](#VerificationMethod) - * [new VerificationMethod(id, controller, type_, data)](#new_VerificationMethod_new) - * _instance_ - * [.id()](#VerificationMethod+id) ⇒ [DIDUrl](#DIDUrl) - * [.setId(id)](#VerificationMethod+setId) - * [.controller()](#VerificationMethod+controller) ⇒ [CoreDID](#CoreDID) - * [.setController(did)](#VerificationMethod+setController) - * [.type()](#VerificationMethod+type) ⇒ [MethodType](#MethodType) - * [.setType(type_)](#VerificationMethod+setType) - * [.data()](#VerificationMethod+data) ⇒ [MethodData](#MethodData) - * [.setData(data)](#VerificationMethod+setData) - * [.properties()](#VerificationMethod+properties) ⇒ Map.<string, any> - * [.setPropertyUnchecked(key, value)](#VerificationMethod+setPropertyUnchecked) - * [.toJSON()](#VerificationMethod+toJSON) ⇒ any - * [.clone()](#VerificationMethod+clone) ⇒ [VerificationMethod](#VerificationMethod) - * _static_ - * [.newFromJwk(did, key, [fragment])](#VerificationMethod.newFromJwk) ⇒ [VerificationMethod](#VerificationMethod) - * [.fromJSON(json)](#VerificationMethod.fromJSON) ⇒ [VerificationMethod](#VerificationMethod) - - - -### new VerificationMethod(id, controller, type_, data) -Create a custom [VerificationMethod](#VerificationMethod). - - -| Param | Type | -| --- | --- | -| id | [DIDUrl](#DIDUrl) | -| controller | [CoreDID](#CoreDID) | -| type_ | [MethodType](#MethodType) | -| data | [MethodData](#MethodData) | - - - -### verificationMethod.id() ⇒ [DIDUrl](#DIDUrl) -Returns a copy of the [DIDUrl](#DIDUrl) of the [VerificationMethod](#VerificationMethod)'s `id`. - -**Kind**: instance method of [VerificationMethod](#VerificationMethod) - - -### verificationMethod.setId(id) -Sets the id of the [VerificationMethod](#VerificationMethod). - -**Kind**: instance method of [VerificationMethod](#VerificationMethod) - -| Param | Type | -| --- | --- | -| id | [DIDUrl](#DIDUrl) | - - - -### verificationMethod.controller() ⇒ [CoreDID](#CoreDID) -Returns a copy of the `controller` `DID` of the [VerificationMethod](#VerificationMethod). - -**Kind**: instance method of [VerificationMethod](#VerificationMethod) - - -### verificationMethod.setController(did) -Sets the `controller` `DID` of the [VerificationMethod](#VerificationMethod) object. - -**Kind**: instance method of [VerificationMethod](#VerificationMethod) - -| Param | Type | -| --- | --- | -| did | [CoreDID](#CoreDID) | - - - -### verificationMethod.type() ⇒ [MethodType](#MethodType) -Returns a copy of the [VerificationMethod](#VerificationMethod) type. - -**Kind**: instance method of [VerificationMethod](#VerificationMethod) - - -### verificationMethod.setType(type_) -Sets the [VerificationMethod](#VerificationMethod) type. - -**Kind**: instance method of [VerificationMethod](#VerificationMethod) - -| Param | Type | -| --- | --- | -| type_ | [MethodType](#MethodType) | - - - -### verificationMethod.data() ⇒ [MethodData](#MethodData) -Returns a copy of the [VerificationMethod](#VerificationMethod) public key data. - -**Kind**: instance method of [VerificationMethod](#VerificationMethod) - - -### verificationMethod.setData(data) -Sets [VerificationMethod](#VerificationMethod) public key data. - -**Kind**: instance method of [VerificationMethod](#VerificationMethod) - -| Param | Type | -| --- | --- | -| data | [MethodData](#MethodData) | - - - -### verificationMethod.properties() ⇒ Map.<string, any> -Get custom properties of the Verification Method. - -**Kind**: instance method of [VerificationMethod](#VerificationMethod) - - -### verificationMethod.setPropertyUnchecked(key, value) -Adds a custom property to the Verification Method. -If the value is set to `null`, the custom property will be removed. - -### WARNING -This method can overwrite existing properties like `id` and result -in an invalid Verification Method. - -**Kind**: instance method of [VerificationMethod](#VerificationMethod) - -| Param | Type | -| --- | --- | -| key | string | -| value | any | - - - -### verificationMethod.toJSON() ⇒ any -Serializes this to a JSON object. - -**Kind**: instance method of [VerificationMethod](#VerificationMethod) - - -### verificationMethod.clone() ⇒ [VerificationMethod](#VerificationMethod) -Deep clones the object. - -**Kind**: instance method of [VerificationMethod](#VerificationMethod) - - -### VerificationMethod.newFromJwk(did, key, [fragment]) ⇒ [VerificationMethod](#VerificationMethod) -Creates a new [VerificationMethod](#VerificationMethod) from the given `did` and [Jwk](#Jwk). If `fragment` is not given -the `kid` value of the given `key` will be used, if present, otherwise an error is returned. - -### Recommendations -The following recommendations are essentially taken from the `publicKeyJwk` description from the [DID specification](https://www.w3.org/TR/did-core/#dfn-publickeyjwk): -- It is recommended that verification methods that use `Jwks` to represent their public keys use the value of - `kid` as their fragment identifier. This is -done automatically if `None` is passed in as the fragment. -- It is recommended that [Jwk](#Jwk) kid values are set to the public key fingerprint. - -**Kind**: static method of [VerificationMethod](#VerificationMethod) - -| Param | Type | -| --- | --- | -| did | [CoreDID](#CoreDID) \| IToCoreDID | -| key | [Jwk](#Jwk) | -| [fragment] | string \| undefined | - - - -### VerificationMethod.fromJSON(json) ⇒ [VerificationMethod](#VerificationMethod) -Deserializes an instance from a JSON object. - -**Kind**: static method of [VerificationMethod](#VerificationMethod) - -| Param | Type | -| --- | --- | -| json | any | - - - -## StatusCheck -Controls validation behaviour when checking whether or not a credential has been revoked by its -[`credentialStatus`](https://www.w3.org/TR/vc-data-model/#status). - -**Kind**: global variable - - -## Strict -Validate the status if supported, reject any unsupported -[`credentialStatus`](https://www.w3.org/TR/vc-data-model/#status) types. - -Only `RevocationBitmap2022` is currently supported. - -This is the default. - -**Kind**: global variable - - -## SkipUnsupported -Validate the status if supported, skip any unsupported -[`credentialStatus`](https://www.w3.org/TR/vc-data-model/#status) types. - -**Kind**: global variable - - -## SkipAll -Skip all status checks. - -**Kind**: global variable - - -## CredentialStatus -**Kind**: global variable - - -## PayloadType -**Kind**: global variable - - -## ProofAlgorithm -**Kind**: global variable - - -## StatusPurpose -Purpose of a [StatusList2021](#StatusList2021). - -**Kind**: global variable - - -## FailFast -Declares when validation should return if an error occurs. - -**Kind**: global variable - - -## AllErrors -Return all errors that occur during validation. - -**Kind**: global variable - - -## FirstError -Return after the first error occurs. - -**Kind**: global variable - - -## StateMetadataEncoding -**Kind**: global variable - - -## SerializationType -**Kind**: global variable - - -## MethodRelationship -**Kind**: global variable - - -## PresentationProofAlgorithm -**Kind**: global variable - - -## SubjectHolderRelationship -Declares how credential subjects must relate to the presentation holder. - -See also the [Subject-Holder Relationship](https://www.w3.org/TR/vc-data-model/#subject-holder-relationships) section of the specification. - -**Kind**: global variable - - -## AlwaysSubject -The holder must always match the subject on all credentials, regardless of their [`nonTransferable`](https://www.w3.org/TR/vc-data-model/#nontransferable-property) property. -This variant is the default. - -**Kind**: global variable - - -## SubjectOnNonTransferable -The holder must match the subject only for credentials where the [`nonTransferable`](https://www.w3.org/TR/vc-data-model/#nontransferable-property) property is `true`. - -**Kind**: global variable - - -## Any -The holder is not required to have any kind of relationship to any credential subject. - -**Kind**: global variable - - -## encodeB64(data) ⇒ string -Encode the given bytes in url-safe base64. - -**Kind**: global function - -| Param | Type | -| --- | --- | -| data | Uint8Array | - - - -## decodeB64(data) ⇒ Uint8Array -Decode the given url-safe base64-encoded slice into its raw bytes. - -**Kind**: global function - -| Param | Type | -| --- | --- | -| data | Uint8Array | - - - -## start() -Initializes the console error panic hook for better error messages - -**Kind**: global function - - -## verifyEd25519(alg, signingInput, decodedSignature, publicKey) -Verify a JWS signature secured with the `EdDSA` algorithm and curve `Ed25519`. - -This function is useful when one is composing a `IJwsVerifier` that delegates -`EdDSA` verification with curve `Ed25519` to this function. - -# Warning - -This function does not check whether `alg = EdDSA` in the protected header. Callers are expected to assert this -prior to calling the function. - -**Kind**: global function - -| Param | Type | -| --- | --- | -| alg | JwsAlgorithm | -| signingInput | Uint8Array | -| decodedSignature | Uint8Array | -| publicKey | [Jwk](#Jwk) | - diff --git a/docs/build/identity.rs/1.3/docs/references/specifications/revocation-bitmap-2022.mdx b/docs/build/identity.rs/1.3/docs/references/specifications/revocation-bitmap-2022.mdx index 5c7b89aaa8d..48b4050a6c3 100644 --- a/docs/build/identity.rs/1.3/docs/references/specifications/revocation-bitmap-2022.mdx +++ b/docs/build/identity.rs/1.3/docs/references/specifications/revocation-bitmap-2022.mdx @@ -188,7 +188,7 @@ Because of its space efficiency, a roaring bitmap is preferred for representing The [RevocationList2020 specification](https://w3c-ccg.github.io/vc-status-rl-2020/) and [StatusList2021 specification](https://w3c-ccg.github.io/vc-status-list-2021/) both describe a similar revocation mechanism using a verifiable credential that contains a bitmap, similar to the `RevocationBitmap2022` approach. The credential is hosted outside of the DID document and the verifier thus needs to fetch it from an external resource, likely one controlled by the issuer. This has privacy implications as the issuer can track where a fetch request for the credential came from and potentially infer who the credential was verified by and for what purpose. The issuer can also potentially infer which credential was checked. Because `RevocationBitmap2022` is embedded in the issuer's DID document, which can be obtained without the their knowledge, this approach does not suffer from these privacy shortcomings. See also the [privacy considerations](#privacy-considerations). -A downside of embedding the revocation list in the DID document is that storage in a distributed ledger (DLT) is usually more expensive than other storage hosting solutions. The DLT might also impose message size limitations, capping the total number of revocations that can be done (see also [compression](#compression)). +A downside of embedding the revocation list in the DID document is that storage in a distributed ledger (DLT) is usually more expensive than other storage hosting solutions. The DLT might also impose message size limitations, capping the total number of revocations that can be done (see also [compression](#compression-and-maximum-size)). Another difference is that `RevocationList2020` specifies a minimum initial size of 131,072 for its bitstring, to mitigate the potential for correlating individuals when few credentials have been issued. `RevocationBitmap2022` uses a roaring bitmap instead of a bitstring, so the maximum size is not fixed (apart from the upper bound of an unsigned 32-bit integer). This means the bitmap cannot be used to correlate small populations without more information not present in the bitmap itself. However, both schemes still reveal publicly how many credentials have been revoked, which could be used to infer other information if more knowledge about how an issuer assigns credential revocation indexes is known. diff --git a/docs/build/identity.rs/1.3/docs/references/specifications/revocation-timeframe-2024.mdx b/docs/build/identity.rs/1.3/docs/references/specifications/revocation-timeframe-2024.mdx index 9acb71f1e00..5eb76798a5d 100644 --- a/docs/build/identity.rs/1.3/docs/references/specifications/revocation-timeframe-2024.mdx +++ b/docs/build/identity.rs/1.3/docs/references/specifications/revocation-timeframe-2024.mdx @@ -57,9 +57,9 @@ For an issuer to enable verifiers to check the status of a verifiable credential | Property | Description | | :---------------------- | :--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `id` | The constraints on the `id` property are listed in the [Verifiable Credentials Data Model specification](https://www.w3.org/TR/vc-data-model/). The `id` MUST be a [DID URL](https://www.w3.org/TR/did-core/#did-url-syntax) that is the URL to a [Revocation Bitmap Service](#revocation-bitmap-service) in the DID Document of the issuer. | +| `id` | The constraints on the `id` property are listed in the [Verifiable Credentials Data Model specification](https://www.w3.org/TR/vc-data-model/). The `id` MUST be a [DID URL](https://www.w3.org/TR/did-core/#did-url-syntax) that is the URL to a [Revocation Timeframe Service](#revocation-timeframe-service) in the DID Document of the issuer. | | `type` | The `type` property MUST be `"RevocationTimeframe2024"`. | -| `revocationBitmapIndex` | The `revocationBitmapIndex` property MUST be an unsigned, 32-bit integer expressed as a string. This is the index of the credential in the issuers revocation bitmap. Each index SHOULD be unique among all credentials linking to the same [Revocation Bitmap Service](#revocation-bitmap-service). To ensure user unlinkability, this value MUST NOT be disclosed to the verifier (this is done by default). | +| `revocationBitmapIndex` | The `revocationBitmapIndex` property MUST be an unsigned, 32-bit integer expressed as a string. This is the index of the credential in the issuers revocation bitmap. Each index SHOULD be unique among all credentials linking to the same [Revocation Timeframe Service](#revocation-timeframe-service). To ensure user unlinkability, this value MUST NOT be disclosed to the verifier (this is done by default). | | `startValidityTimeframe`| The `startValidityTimeframe` property MUST be a [RFC 3339](https://datatracker.ietf.org/doc/html/rfc3339)-compliant timestamp. | | `endValidityTimeframe`| The `endValidityTimeframe` property MUST be a [RFC 3339](https://datatracker.ietf.org/doc/html/rfc3339)-compliant timestamp. | @@ -92,13 +92,13 @@ An example of a verifiable credential with a `credentialStatus` of type `Revocat ### Revocation Timeframe Service -To allow verifiers to check the status of a [Revocation Timeframe Status](#revocation-bitmap-status), the DID document of the credential issuer MUST contain a [service](https://www.w3.org/TR/did-core/#services) with the following properties: +To allow verifiers to check the status of a [Revocation Timeframe Status](#revocation-timeframe-status), the DID document of the credential issuer MUST contain a [service](https://www.w3.org/TR/did-core/#services) with the following properties: | Property | Description | | :---------------- | :----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `id` | The constraints on the `id` property are listed in the [DID Core service specification](https://www.w3.org/TR/did-core/#services). The `id` property MUST be a DID URL uniquely identifying the revocation bitmap. | -| `type` | The `type` property MUST be `"RevocationTimeframe2024"`. | -| `serviceEndpoint` | The `serviceEndpoint` MUST be generated according to the [service endpoint generation algorithm](#service-endpoint-generation-algorithm). | +| `type` | The `type` property MUST be `"RevocationTimeframe2024"`. | +| `serviceEndpoint` | The `serviceEndpoint` MUST be generated according to the service endpoint generation algorithm described in [`RevocationBitmap2022`](revocation-bitmap-2022.mdx#service-endpoint-generation-algorithm). | #### Example diff --git a/docs/build/identity.rs/1.3/docs/workflow.mdx b/docs/build/identity.rs/1.3/docs/workflow.mdx index 70449a8673c..d65413f90e5 100644 --- a/docs/build/identity.rs/1.3/docs/workflow.mdx +++ b/docs/build/identity.rs/1.3/docs/workflow.mdx @@ -135,7 +135,7 @@ With the release process, we can deliver versions of our software to the communi The final list of changes from the [changelog](#changelog) informs the version of the release. If at least one change mapping to a major version is included, the major version needs to be incremented. In that case, the minor and patch versions are set to `0`. If there are no changes related to a major version, but changes related to a minor version are present, the minor version needs to be incremented while the patch version is set to `0`. Otherwise, only the patch version is incremented. Determining the version of the release is the responsibility of the person performing the release. -The determined version of the release is used to create the [hotfix](#hotfix) or [release](#release) branch. For example, a major release from the previous version `v2.3.1` will create the `release/v3.0.0` branch. +The determined version of the release is used to create the hotfix or [release](#release) branch. For example, a major release from the previous version `v2.3.1` will create the `release/v3.0.0` branch. Notice the `v` in front of the version. We [tag](https://git-scm.com/book/en/v2/Git-Basics-Tagging) all release in git in the form of `vMAJOR.MINOR.PATCH`. For bindings, we prefix the tag with the binding name, so a tag for Wasm would look like `wasm-v1.2.3`. Bindings and the core Rust library are versioned and released independently. diff --git a/docs/build/identity.rs/1.3/sidebars.js b/docs/build/identity.rs/1.3/sidebars.js index 552c26a33ce..b04c0e25141 100644 --- a/docs/build/identity.rs/1.3/sidebars.js +++ b/docs/build/identity.rs/1.3/sidebars.js @@ -84,9 +84,14 @@ module.exports = { label: 'API', items: [ { - type: 'doc', - id: 'references/api/wasm', + type: 'category', label: 'Wasm', + items: [ + { + type: 'autogenerated', + dirName: 'references/wasm', + }, + ], }, { type: 'link', diff --git a/package.json b/package.json index 7a23d602122..77a8a8e6d24 100644 --- a/package.json +++ b/package.json @@ -4,7 +4,7 @@ "scripts": { "checkout": "git submodule update --init", "checkout:remote": "yarn checkout --remote", - "generate:api": "docusaurus gen-api-docs all && ./scripts/get_sdk_references.sh && ./scripts/get_wasp_references.sh", + "generate:api": "docusaurus gen-api-docs all && ./scripts/get_sdk_references.sh && ./scripts/get_wasp_references.sh && ./scripts/get_identity_references.sh", "lint": "eslint --cache --fix .", "lint:check": "eslint --cache .", "lint:links": "iota-wiki check", diff --git a/scripts/get_identity_references.sh b/scripts/get_identity_references.sh new file mode 100755 index 00000000000..fce7ee4da06 --- /dev/null +++ b/scripts/get_identity_references.sh @@ -0,0 +1,14 @@ +#!/bin/sh + + # Create temporaty directory to work in + mkdir tmp + cd tmp + + # Download and copy docs + curl -sL https://s3.eu-central-1.amazonaws.com/files.iota.org/iota-wiki/iota-identity/1.3/wasm.tar.gz | tar xzv + cp -Rv docs/* ../docs/build/identity.rs/1.3/docs/references/ + + # Return to root and cleanup + cd - + rm -rf tmp + \ No newline at end of file