@kaytrust/prooftypes

@kaytrust/prooftypes is a library that allows the creation and verification of W3C Verifiable Credentials and Presentations in JWT format, using the JwtProof2020 proof type.

Features

Creation of Verifiable Credentials (VC) in JWT format.
Creation of Verifiable Presentations (VP) in JWT format.
Verification of VC and VP using DID-compatible resolvers.
Support for multiple DID methods, such as did:near and did:ethr.

Installation

You can install the library using npm or yarn:

npm install @kaytrust/prooftypes
# or
yarn add @kaytrust/prooftypes

Usage

Introduction

The library provides the ProofTypeJWT class to handle the creation and verification of proofs in JWT format. Below are the steps required to use it.

Initial Configuration

`ProofTypeJWT` Constructor

constructor(options: ProofTypeJWTConfig = {}, is_presentation?: boolean)

ProofTypeJWTConfig: Optional configuration for the issuer (Issuer) or verification options (resolver and verifyOptions).
is_presentation: If true, it will work with Verifiable Presentations; otherwise, it will work with Verifiable Credentials.

`ProofTypeJWTConfig` Type

type ProofTypeJWTConfig = {
    issuer?: Issuer, // Issuer to sign JWTs
    resolver?: ResolverOrOptions, // Resolver to verify JWTs
    verifyOptions?: VerifyOptions, // Additional verification options
}

Creating JWTs

Prerequisites

Before creating a JWT, you need to configure an Issuer object to sign the JWTs. You can use libraries such as @kaytrust/did-near or @kaytrust/did-ethr.

Example of Configuring an `Issuer`

import { NearDID } from '@kaytrust/did-near'
import { EthrDID } from '@kaytrust/did-ethr'

// NearDID Configuration
const issuer = new NearDID({
    privateKey: 'YOUR_PRIVATE_KEY',
    identifier: 'alice.near', // Optional
})

// EthrDID Configuration
const issuerEthr = new EthrDID({
    identifier: '0xf1232f840f3ad7d23fcdaa84d6c66dac24efb198', // Required
    privateKey: 'YOUR_PRIVATE_KEY'
})

The Issuer object includes:

did: Identifier of the issuer.
alg: Algorithm used in the JWT header.
signer: Function to generate the signature.

Creating a Verifiable Credential (VC)

Define the credential payload following the JwtCredentialPayload interface.
Use the generateProof method of the ProofTypeJWT class to generate the JWT.

Example

import { JwtCredentialPayload, ProofTypeJWT } from '@kaytrust/prooftypes'

const vcPayload: JwtCredentialPayload = {
  sub: 'did:near:...',
  nbf: 1562950282,
  vc: {
    '@context': ['https://www.w3.org/2018/credentials/v1'],
    type: ['VerifiableCredential'],
    credentialSubject: {
      degree: {
        type: 'BachelorDegree',
        name: 'Baccalauréat en musiques numériques'
      }
    }
  }
}

const proofTypeJwtCredential = new ProofTypeJWT({ issuer })
const vcJwt = await proofTypeJwtCredential.generateProof(vcPayload)
console.log(vcJwt)
// eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NkstUiJ9.eyJpYXQi...0CQmqB14NnN5XxD0d_glLRs1Myc_LBJjnuNwE

Creating a Verifiable Presentation (VP)

Define the presentation payload following the JwtPresentationPayload interface.
Use the generateProof method of the ProofTypeJWT class, setting the is_presentation parameter to true.

Example

import { JwtPresentationPayload, ProofTypeJWT } from '@kaytrust/prooftypes'

const vpPayload: JwtPresentationPayload = {
  vp: {
    '@context': ['https://www.w3.org/2018/credentials/v1'],
    type: ['VerifiablePresentation'],
    verifiableCredential: [vcJwt]
  }
}

const proofTypeJwtPresentation = new ProofTypeJWT({ issuer }, true)
const vpJwt = await proofTypeJwtPresentation.generateProof(vpPayload)
console.log(vpJwt)
// eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NkstUiJ9.eyJpYXQiOjE1ODI1NDc...JNMUzZ6naacuWNGdZGuU0ZDwmgpUMUqIzMqFFRmge0R8QA

Verifying JWTs

Prerequisites

To verify a JWT, you need a resolver that can resolve DID documents. You can use did-resolver with specific resolvers such as did:near or did:ethr.

Example of Configuring a Resolver

import { ResolverOrOptions } from '@kaytrust/prooftypes'
import { Resolver } from 'did-resolver'
import { getResolver as getNearResolver } from '@kaytrust/did-near-resolver'
import ethr from 'ethr-did-resolver'

const nearResolver = getNearResolver()
const ethrResolver = ethr.getResolver()

//If you are using multiple methods you need to flatten them into one object
const resolver:ResolverOrOptions = new Resolver({
    ...nearResolver,
    ...ethrResolver,
})
//If you are using one method you can simply pass the result of getResolver( into the constructor
const resolver:ResolverOrOptions = new Resolver(nearResolver);

EthrDID resolver options example

Setting resolver options for ethr-did-resolver

import { ResolverOrOptions, ProofTypeJWT } from '@kaytrust/prooftypes'
const RPC_AMOY = "<RPC_AMOY>";
const AMOY_CHAIN_ID = 80002;

const resolver:ResolverOrOptions = {registry: '0xBC56d0883ef228b2B16420E9002Ece0A46c893F8', rpcUrl: RPC_AMOY, chainId: AMOY_CHAIN_ID}

Verifying a Verifiable Credential (VC)

Use the verifyProof method of the ProofTypeJWT class to verify the JWT.

Example

import { ProofTypeJWT } from '@kaytrust/prooftypes'

const proofTypeJwtCredential = new ProofTypeJWT({ resolver })
const verifiedVC = await proofTypeJwtCredential.verifyProof(vcJwt)
console.log(verifiedVC)

Verifying a Verifiable Presentation (VP)

Use the verifyProof method of the ProofTypeJWT class, setting the is_presentation parameter to true.

Example

import { ProofTypeJWT } from '@kaytrust/prooftypes'

const proofTypeJwtPresentation = new ProofTypeJWT({ resolver }, true)
const verifiedVP = await proofTypeJwtPresentation.verifyProof(vpJwt)
console.log(verifiedVP)

Additional Notes

The JwtProof2020 proof type is a synthetic type for internal use and is not registered in the W3C data model.
Verified payloads are aligned with the W3C data model, making them easier to use in systems that handle multiple credential formats.

Contributions

If you want to contribute to this project, please open an issue or submit a pull request.