decentralized-identity / trustdidweb-ts

An implementation in Typescript of the Trust DID Web (did:tdw) DID Method
Apache License 2.0

Create a new did:tdw #13

Closed marlonbaeten closed 1 month ago

marlonbaeten commented 3 months ago

Hi! I'm trying to create a new did:tdw, but it seems that generating a fresh keypair triggers an error.

I created the following test case:

import { expect, test } from "bun:test";
import { generate } from '@digitalbazaar/ed25519-multikey';
import { createDID, resolveDID } from "../src/method";
import { createSigner } from "../src/signing";

test("shit", async () => {
  const ed25519 = await generate();

  const authKey = {
    type: "authentication" as const,
    publicKeyMultibase: ed25519.publicKeyMultibase,
    secretKeyMultibase: ed25519.secretKeyMultibase
  };

  const result = await createDID({
    domain: 'example.com',
    signer: createSigner(authKey),
    updateKeys: [
      `did:key:${authKey.publicKeyMultibase}`,
    ],
    verificationMethods: [authKey],
    created: new Date(),
  });

  const resolveResult = await resolveDID(result.log, {versionId: 1});
  expect(resolveResult).toBeObject();
});

I think the resolveDID step should succeed, but instead it throws an error:

error: version 1 failed verification of the proof.

If I do not generate the key material but use one of the keys defined in test/fixtures/keys.json the above test case succeeds. Maybe @digitalbazaar/ed25519-multikey is not the correct tool to create the key material? How was the content of test/fixtures/keys.json created?

brianorwhatever commented 3 months ago

Yeah, this issue is the reason I ended up creating the fixture keys. It appears there is something interacting in the @digitalbazaar/ed25519-multikey library and bun. If you log the publicKey that is generated you'll notice it is always the same. We will either need to resolve the root cause of this issue or drop bun.

Thanks for creating this issue. Will keep it open until one of the above options has been completed.

brianorwhatever commented 3 months ago

I managed to get your test to pass without using the digitalbazaar library. Here is the code that uses @noble/ed25519:

import { expect, test } from "bun:test";
import * as ed from '@noble/ed25519';
import { createDID, resolveDID } from "../src/method";
import { createSigner } from "../src/signing";
import { base58btc } from "multiformats/bases/base58";

test("shit", async () => {
  const privKey = ed.utils.randomPrivateKey();
  const pubKey = await ed.getPublicKeyAsync(privKey);

  const publicKeyMultibase = base58btc.encode(Buffer.concat([new Uint8Array([0xed, 0x01]), pubKey]));
  const secretKeyMultibase = base58btc.encode(Buffer.concat([new Uint8Array([0x80, 0x26]), privKey]));

  const authKey = {
    type: "authentication" as const,
    publicKeyMultibase,
    secretKeyMultibase
  };

  const result = await createDID({
    domain: 'example.com',
    signer: createSigner(authKey),
    updateKeys: [
      `did:key:${authKey.publicKeyMultibase}`,
    ],
    verificationMethods: [authKey],
    created: new Date(),
  });

  const resolveResult = await resolveDID(result.log, {versionId: 1});
  expect(resolveResult).toBeObject();
});

I will remove the digitalbazaar library from the dependency list.
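
Added example (not part of the thread and not the project's code): a TypeScript check, using only Node's built-in `node:crypto`, that flags the symptom reported above (a generator returning the same public key on every call) and confirms that each generated pair signs and verifies. The names `base58btc`, `publicKeyMultibase`, `checkKeyGenerator`, `freshGenerator` and `stuckGenerator` are assumptions of this example; `stuckGenerator` is constructed to mimic the reported behaviour.

```typescript
import { generateKeyPairSync, sign, verify, KeyObject } from "node:crypto";

type KeyPair = { publicKey: KeyObject; privateKey: KeyObject };
const ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
// base58btc with the multibase "z" prefix, done with plain byte arithmetic.
function base58btc(bytes: Uint8Array): string {
  const digits: number[] = []; // little-endian base-58 digits
  for (let i = 0; i < bytes.length; i++) {
    let carry = bytes[i];
    for (let j = 0; j < digits.length; j++) {
      carry += digits[j] * 256;
      digits[j] = carry % 58;
      carry = Math.floor(carry / 58);
    }
    for (; carry > 0; carry = Math.floor(carry / 58)) digits.push(carry % 58);
  }
  let out = "z";
  for (let i = 0; i < bytes.length && bytes[i] === 0; i++) out += "1";
  for (let i = digits.length - 1; i >= 0; i--) out += ALPHABET.charAt(digits[i]);
  return out;
}

// Multikey form used in the thread: 0xed 0x01 prefix + 32-byte raw public key.
function publicKeyMultibase(publicKey: KeyObject): string {
  const spki = publicKey.export({ format: "der", type: "spki" }); // 12-byte header + key
  return base58btc(Uint8Array.from([0xed, 0x01, ...spki.subarray(spki.length - 32)]));
}

// Returns one message per problem: a repeated public key, or a pair that fails to verify.
function checkKeyGenerator(generate: () => KeyPair, rounds = 5): string[] {
  const problems: string[] = [];
  const seen = new Set<string>();
  const message = new TextEncoder().encode("constructed sample payload");
  for (let i = 0; i < rounds; i++) {
    const { publicKey, privateKey } = generate();
    const id = publicKeyMultibase(publicKey);
    if (seen.has(id)) problems.push(`round ${i}: public key ${id} repeated`);
    seen.add(id);
    const signature = sign(null, message, privateKey); // Ed25519 takes no digest name
    if (!verify(null, message, publicKey, signature)) problems.push(`round ${i}: signature did not verify`);
  }
  return problems;
}

const freshGenerator = (): KeyPair => generateKeyPairSync("ed25519");
const fixedPair: KeyPair = generateKeyPairSync("ed25519");
const stuckGenerator = (): KeyPair => fixedPair; // constructed: same key every call
console.log(checkKeyGenerator(freshGenerator), checkKeyGenerator(stuckGenerator));
```

To test another library's generator, wrap it in a function that returns `KeyObject` pairs and pass it to `checkKeyGenerator`.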

brianorwhatever commented 3 months ago

I'm working on a PR that removes the dependency and removes the key fixtures here https://github.com/bcgov/trustdidweb-ts/pull/14

marlonbaeten commented 1 month ago

Works - thank you!