Security News
NIST Misses 2024 Deadline to Clear NVD Backlog
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
@interop/did-web-resolver
Advanced tools
A did:web method Decentralized Identifier (DID) resolver for the did-io library.
did:web
Resolver (@interop/did-web-resolver)A did:web method Decentralized Identifier (DID) resolver for the did-io library.
TBD
A did:web
method driver for use with in-browser and server-side on Node.js
with the did-io
resolver library.
Draft spec (W3C CCG Work Item):
did:web
Decentralized Identifier Method Specification
Other implementations:
import { Ed25519VerificationKey2020 }
from '@digitalcredentials/ed25519-verification-key-2020'
import { X25519KeyAgreementKey2020 }
from '@digitalcredentials/x25519-key-agreement-key-2020'
import { CryptoLD } from 'crypto-ld'
import * as didWeb from '@interop/did-web-resolver'
const cryptoLd = new CryptoLD()
cryptoLd.use(Ed25519VerificationKey2020)
cryptoLd.use(X25519KeyAgreementKey2020)
const didWebDriver = didWeb.driver({ cryptoLd })
// Optionally use it with the CachedResolver from did-io
import {CachedResolver} from '@digitalcredentials/did-io';
const resolver = new CachedResolver()
resolver.use(didWebDriver)
If you have a deterministic secret seed (created with did-cli
,
for example) and would like to generate a did:web
document from it:
const url = 'https://example.com'
const seed = 'z1AhV1bADy7RepJ64mvH7Kk7htFNGc7EA1WA5nGzLSTWc6o'
const { didDocument, keyPairs, methodFor } = await didWebDriver.generate({ url, seed })
// didDocument
{
'@context': [
'https://www.w3.org/ns/did/v1',
'https://w3id.org/security/suites/ed25519-2020/v1',
'https://w3id.org/security/suites/x25519-2020/v1'
],
id: 'did:web:example.com',
assertionMethod: [{
id: 'did:web:example.com#z6MkmDMjfkjs9XPCN1LfoQQRHz1mJ8PEdiVYC66XKhj3wGyB',
type: 'Ed25519VerificationKey2020',
controller: 'did:web:example.com',
publicKeyMultibase: 'z6MkmDMjfkjs9XPCN1LfoQQRHz1mJ8PEdiVYC66XKhj3wGyB'
}]
}
Invoking generate()
by itself will create new keypairs for each proof purpose.
const { didDocument, keyPairs, methodFor } = await didWebDriver.generate()
// didDocument
{
'@context': [
'https://www.w3.org/ns/did/v1',
'https://w3id.org/security/suites/ed25519-2020/v1',
'https://w3id.org/security/suites/x25519-2020/v1'
],
id: 'did:web:example.com',
capabilityInvocation: [{
id: 'did:web:example.com#z6MkqUiWi2o5V5oDEVzqszpkDhzeJ2o9Z4zVyTWeASqgrgti',
type: 'Ed25519VerificationKey2020',
controller: 'did:web:example.com',
publicKeyMultibase: 'zC2TU7nYe9YJk81A9CRruNcSeUTXJ9Bk9HSbiLAsfwU7L'
}],
authentication: [{
id: 'did:web:example.com#z6MksjNYAxjiTrhPFx9Ljk3SVowEtFXhFqLdsMKJHV4KrcDT',
type: 'Ed25519VerificationKey2020',
controller: 'did:web:example.com',
publicKeyMultibase: 'zEH7VaiVH8KCv9TJe4B5beiPF4gFqqx6HBLQNTD6JwPS5'
}],
assertionMethod: [{
id: 'did:web:example.com#z6MkiyYa5mG4moiHrmXQea8bNvdEWRWi3KuouHqoiknGf7xV',
type: 'Ed25519VerificationKey2020',
controller: 'did:web:example.com',
publicKeyMultibase: 'z5XHXVX1dSGDpkGghy1AkXq5EgrErdSfTDGvstUpFjuB7'
}],
capabilityDelegation: [{
id: 'did:web:example.com#z6MknmeMZEXLhS6g2p6YPHkQG4PkNsJev652CqnsArPm3dZa',
type: 'Ed25519VerificationKey2020',
controller: 'did:web:example.com',
publicKeyMultibase: 'z9KPJxzGuMtcCvKFqhinZQxqkZJ2oWCpfWpswLaRk8QnC'
}],
keyAgreement: [{
id: 'did:web:example.com#z6LSg3dWQzpQgRpaVzNXkcosnheyhXJUQkNQQgXyDapFSCFZ',
type: 'X25519KeyAgreementKey2020',
controller: 'did:web:example.com',
publicKeyMultibase: 'z5NTLth1Yay6qQbzmDyHvU7SVrNmMi9CFXhpHj8AiipUo'
}]
}
git clone https://github.com/interop-alliance/did-web-resolver.git
cd did-web-resolver
npm install
PRs accepted.
The MIT License ©2020-2021 Interop Alliance and Dmitri Zagidulin
FAQs
A did:web method Decentralized Identifier (DID) resolver for the did-io library.
The npm package @interop/did-web-resolver receives a total of 72 weekly downloads. As such, @interop/did-web-resolver popularity was classified as not popular.
We found that @interop/did-web-resolver demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.