Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@worldcerts/wa-verify

Package Overview
Dependencies
Maintainers
1
Versions
1
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@worldcerts/wa-verify

[![CircleCI](https://circleci.com/gh/Open-Attestation/oa-verify.svg?style=svg)](https://circleci.com/gh/Open-Attestation/oa-verify)

2.1.0
latest
Source
npmnpm
Version published
Weekly downloads
0
-100%
Maintainers
1
Weekly downloads
 
Created
Source

@govtechsg/oa-verify

CircleCI

Library to verify any OpenAttestation document. This library implements the verifier ADR.

Installation

npm install @govtechsg/oa-verify

Usage

import { documentRopstenValidWithToken } from "./test/fixtures/v2/documentRopstenValidWithToken";
import { verify, isValid } from "@govtechsg/oa-verify";

verify(documentRopstenValidWithToken, { network: "ropsten" }).then(console.log); // see below
console.log(isValid(results)); // display true

[
  {
    "data": true,
    "status": "VALID",
    "name": "OpenAttestationHash",
    "type": "DOCUMENT_INTEGRITY"
  },
  {
    "message": "Document issuers doesn't have \"documentStore\" or \"certificateStore\" property or DOCUMENT_STORE method",
    "name": "OpenAttestationEthereumDocumentStoreIssued",
    "status": "SKIPPED",
    "type": "DOCUMENT_STATUS"
  },
  {
    "data": {
      "details": [
        {
          "address": "0xe59877ac86c0310e9ddaeb627f42fdee5f793fbe",
          "minted": true
        }
      ],
      "mintedOnAll": true
    },
    "status": "VALID",
    "name": "OpenAttestationEthereumTokenRegistryMinted",
    "type": "DOCUMENT_STATUS"
  },
  {
    "message": "Document issuers doesn't have \"documentStore\" or \"certificateStore\" property or DOCUMENT_STORE method",
    "name": "OpenAttestationEthereumDocumentStoreRevoked",
    "status": "SKIPPED",
    "type": "DOCUMENT_STATUS"
  },
  {
    "data": [
      {
        "dns": "example.tradetrust.io",
        "identified": true,
        "smartContract": "0xe59877ac86c0310e9ddaeb627f42fdee5f793fbe"
      }
    ],
    "status": "VALID",
    "name": "OpenAttestationDnsTxt",
    "type": "ISSUER_IDENTITY"
  }
]

Advanced usage

Verify

By default the provided verify method performs multiple checks on a document

  • for the type DOCUMENT_STATUS: it runs OpenAttestationEthereumDocumentStoreIssued, OpenAttestationEthereumDocumentStoreRevoked and OpenAttestationEthereumTokenRegistryIssued verifiers
  • for the type DOCUMENT_INTEGRITY: it runs OpenAttestationHash verifier
  • for the type ISSUER_IDENTITY: it runs OpenAttestationDnsTxt verifier

All those verifiers are exported as openAttestationVerifiers

You can build your own verify method or you own verifiers:

import { verificationBuilder, openAttestationVerifiers } from "@govtechsg/oa-verify";

// creating your own verify using default exported verifiers
const verify = verificationBuilder(openAttestationVerifiers); // this verify is equivalent to the one exported by the library
const verify = verificationBuilder([openAttestationVerifiers[0], openAttestationVerifiers[1]]); // this verify only run 2 verifiers

// creating your own verify using custom verifier
import { verificationBuilder, openAttestationVerifiers, Verifier } from "@govtechsg/oa-verify";
const customVerifier: Verifier = {
  skip: () => {
    // return a SkippedVerificationFragment if the verifier should be skipped or throw an error if it should always run
  },
  test: () => {
    // return true or false
  },
  verify: async document => {
    // perform checks and returns a fragment
  }
};

// create your own verify function with all verifiers and your custom one
const verify = verificationBuilder([...openAttestationVerifiers, customVerifier]);

isValid

By default, isValid perform checks on every types that exists for a fragment:

  • DOCUMENT_STATUS
  • DOCUMENT_INTEGRITY
  • ISSUER_IDENTITY it ensures that for every types, there is at least one VALID fragment and no INVALID or ERROR fragment.

The function allow to specify as a second parameters the list of types on which to perform the checks

import { documentRopstenValidWithCertificateStore } from "./test/fixtures/v2/documentRopstenValidWithCertificateStore";
import { verify, isValid } from "@govtechsg/oa-verify";

const fragments = verify(documentRopstenValidWithCertificateStore, { network: "ropsten" });
isValid(fragments); // display false because ISSUER_IDENTITY is INVALID
isValid(fragments, ["DOCUMENT_INTEGRITY", "DOCUMENT_STATUS"]); // display true because those types are VALID

License

GPL-3.0

FAQs

Package last updated on 03 Jul 2020

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Nx Investigation Reveals GitHub Actions Workflow Exploit Led to npm Token Theft, Prompting Switch to Trusted Publishing

Security News

Nx Investigation Reveals GitHub Actions Workflow Exploit Led to npm Token Theft, Prompting Switch to Trusted Publishing

Following last week’s supply chain attack, Nx published findings on the GitHub Actions exploit and moved npm publishing to Trusted Publishers.

By Sarah Gooding  -  Sep 03, 2025
SocketSocket SOC 2 Logo

Product

About

Packages

Explore npm
Explore Cargo
Explore Go
Explore Maven
Explore NuGet
Explore PyPI
Explore Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc

U.S. Patent No. 12,346,443 & 12,314,394. Other pending.