search

transmute-industries / did-key.js

A DID Key Implementation in TypeScript
https://did.key.transmute.industries/
Apache License 2.0
53 stars 15 forks source link

Generating a did:key secp256k1 from private key #307

Open lemoustachiste opened 12 months ago

lemoustachiste commented 12 months ago

So I may be confused as to what the seed is, as from the bitcoin perspective the seed is the passphrase to get to the private key, but given I already have a private key, can I generate a did:key from it? In that case what would be the expected syntax?

Thanks

phoniks commented 12 months ago

This may help: https://w3c-ccg.github.io/did-method-key/

lemoustachiste commented 12 months ago

Ok so this is not the first time I'm using did:key and while I appreciate you sending to the spec which I should probably refresh my mind on, my question is really related to the @transmute/did-key-secp256k1 package.

Here is what I have done before, when I created a key pair and the did:key representation of that key pair:

if (type === SupportedSuites.secp256k1) {
    const seed = crypto.randomBytes(32);
    keyPair = await EcdsaSecp256k1VerificationKey2019.generate({
      seed
    })
    didKey = await didKeySecp256k1.generate({
      secureRandom: () => seed
    });
    didDocument = didKey.didDocument;
    keyPair.controller = didDocument.id;
    keyPair.id = didDocument.verificationMethod[0].id;
  }

However now, since I already have the private key (and no seed), what would the API of the package expect to create a did document with the public representation derived from that private key?

I have a PEM format key generated as follows:

openssl ecparam -name secp256k1 -genkey -noout -out priv_k.pem

That's the one variable I cannot change because that's the way the private is handed to me.

Using keyto, I'm able to convert that key to JWK (private and public). I can confirm using JOSE that the public derived is the same with openssl or with JS, so I expect that the format is valid.

Then I am trying to convert the JWK to https://github.com/transmute-industries/verifiable-data/blob/main/packages/secp256k1-key-pair/src/getPublicKeyFromPublicKeyJwk.ts#L3, not entirely sure what format I should get from that, but basically trying to get back to a base58 format, sort of trying to replicate this behavior: https://github.com/transmute-industries/verifiable-data/blob/main/packages/secp256k1-key-pair/src/Secp256k1KeyPair.ts#L55-L57

However getPublicKeyFromPublicKeyJwk throws an error from secp256k1 level:

Public Key could not be parsed

Due to this condition not passing: https://github.com/cryptocoinjs/secp256k1-node/blob/master/lib/elliptic.js#L39. So I assume something somewhere is not the right math, but I'm not a cryptographer myself.

My ultimate goal is to get the PEM key represented as a did:key:secp256k1 format so that I can reference that public key in the proof.verificationMethod of my VC.

Hence my initial question, can I generate a did:key directly from the private key JWK, and if so how can I do it?