Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@civic/civic-sign

Package Overview
Dependencies
Maintainers
0
Versions
117
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@civic/civic-sign

An abstraction around proof of ownership using DIDs

  • 0.7.2
  • latest
  • npm
  • Socket score

Version published
Weekly downloads
25
decreased by-93.81%
Maintainers
0
Weekly downloads
 
Created
Source

CivicSign

The intention of this library is to provide an abstraction layer for retrieving a user’s DID and publicKey, as well as requesting proof by signing a message or transaction and finally verifying the proof is valid.

The following diagram can be used as reference in order to illustrate how the library will be used between the different Civic systems.

Getting Started with Solana

import { CivicSignProveFactory } from '@civic/civic-sign';
import { Keypair, Transaction } from '@solana/web3.js';

const keys = Keypair.generate();

const wallet: SolanaWalletAdapter = {
    publicKey: keys.publicKey,
    signTransaction: (transaction: Transaction) => {
        transaction.sign(keys);
        return Promise.resolve(transaction);
    },
};

const { requestDid, requestProof, verify } = CivicSignProveFactory.createWithSolanaWallet(wallet);
const { did } = requestDid();
const signedProof = requestProof();
const verifiedProofResult = verifyProof(signedProof, did);

console.log(did, signedProof, verifiedProofResult);

Getting Started with Ethereum

import { CivicSignProveFactory } from '@civic/civic-sign';
import { Wallet } from 'ethers';

const wallet = Wallet.createRandom();
const walletAdapter = {
    ...wallet,
    signTypedData: (domain: TypedDataDomain, types: Record<string, TypedDataField[]>, value: EthPowoMessage) => {
        return wallet._signTypedData(domain, types, value);
    },
    verifierAddress: 'verifierAddress',
};

const { requestDid, requestProof, verify } = CivicSignProveFactory.createWithEthereumWallet(walletAdapter);
const { did } = requestDid();
const signedProof = requestProof();
const verifiedProofResult = verifyProof(signedProof);

console.log(did, signedProof, verifiedProofResult);

Getting Started with ICP

import { CivicSignProveFactory } from '@civic/civic-sign';

const wallet = {
      principal:
        "example-principal",
    };

const { requestDid, requestProof, verify } = CivicSignProveFactory.createWithICPWallet(wallet);

const { did } = requestDid();
const signedProof = requestProof();
const verifiedProofResult = verifyProof(signedProof);

console.log(did, signedProof, verifiedProofResult);

Public Api

CivicSign has the following public Api methods available. Please refer to the docs for additional information available in the project.

Instantiating an instance with CivicSignProveFactory
MethodDescriptionReturns
createWithSolanaWalletcreate an instance of CivicSign with an instance of a SolanaWalletAdapterCivicSignProve
createWithEthereumWalletcreate an instance of CivicSign with an instance of a EthereumGatewayWalletCivicSignProve
createWithSolanaInIframecreate an instance of CivicSign for communicating with a remote instance of a Solana WalletCivicSignProve
createWithEthereumInIframecreate an instance of CivicSign for communicating with a remote instance of an Ethereum WalletCivicSignProve
Public Methods availabe from CivicSignProve
MethodDescriptionReturns
requestDidrequests a DID from a wallet instance or remotelyPromise
requestProofrequests a proof to be signed either through a wallet instance or remotelyPromise
signMessagerequests the user to sign a messagePromise
Verifying a proof
MethodDescriptionReturns
verifyverify a proof that was returned from requestProof is validPromise
Checking wallet DID ownership

To check whether a given wallet owns a given DID:

import { walletOwnsDID } from '@civic/civic-sign';

const walletAddress = '016752701213E0D5Ee093A355c4d8e16b15525177e3C97DB5F9E2AC7C69F5Bfd52';
const did = 'did:key:z6MkmQaws5ASXmntxzybdK4piNKTFQh17cJK3JEURfhbMX2Z';
const doesWalletOwnDid = await walletOwnsDID(walletAddress, did);

This will:

  • resolve the DID
  • Get all authorized keys on the DID document (i.e. VerificationMethods that appear in the capabilityInvocations or authentication lists )
  • For each of those keys, check if they match the given wallet address by asking chain-specific conversion code for each of the supported chains.
  • If there are any matches, return true.

Building the library

Contributing

The following commands are availabe when contriburing to the project.

yarn lint

Checks that the project lints successfully. This automatically gets run before building the project.

yarn test

Checks that all unit and integration tests pass. This automatically gets run before building the project.

yarn generateDocs

Generate docs based on the available types in the project.

yarn publish

Published a new version of the CivicSign library to NPM. Running the command will build the dist folder before continuing to publish.

FAQs

Package last updated on 20 Sep 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc