jsonld-signatures-merkleproof2019
Advanced tools
A jsonld signature implementation to support MerkleProof2019 verification in Verifiable Credential context
A jsonld signature implementation to support MerkleProof2019 verification in Verifiable Credential context
To make use of this package, consumers need to modify the security-context package locally as MerkleProof2019 is not part of the current npm distribution. Another solution is to install from github and use the v3-unstable vocab.
This package is currently designed to work with vc.js in order to verify MerkleProof2019 signed documents.
You will need to wrap the certificate with the Signature Suite:
const myBlockcertsV3Definition = {
...
};
const verificationSuite = new MerkleProof2019({ document: myBlockcertsV3Definition });
In the case of vc.js, you would then pass this suite to the verify method, through the suite parameter.
The verification principle of MerkleProof2019 is to compare the distant hash of the document (the one saved on the blockchain) with the hash of the local document being verified.
MerkleProof2019 verification as provided by Blockcerts does out of the box verification for Bitcoin (mainnet and testnet) and Ethereum (main and tests), using a set of public explorers.
By default this library provides some blockchain explorers to retrieve the transaction data associated with a proof. They are:
You may provide your own explorer or even overwrite the existing ones. This is useful if you have a paid account with one explorer service and you want to ensure a high service availability, or if you'd like to provide identification keys to the ones provided by default.
Here is an example of how you would provide such service:
const myBlockcertsV3Definition = {
...
};
const myOwnExplorerAPI: ExplorerAPI = {
serviceURL: 'path/to/distant/api', // you may need to provide identification details here according to your service pattern
priority: 0, // this is to decide if this gets called before the out-of-the-box services. 0 means your custom service is going to be called first, use 1 if you prefer the default explorers to be called first.
parsingFunction: function ({ jsonResponse: serviceReponse }: IParsingFunctionAPI): TransactionData { // only define this function when referring to a custom explorer
// parse your service response in order to return the following information:
return {
remoteHash,
issuingAddress,
time,
revokedAddresses
}
}
};
const options = {
explorerAPIs: [myOwnExplorerAPI]
};
const verificationSuite = new MerkleProof2019({ document: myBlockcertsV3Definition, options });
In an alpha implementation, it is now possible to verify transaction of non natively supported chains, using RPC calls. If such is your case, 2 options are offered to you:
In that case you can take advantage of the built-ins lookup functions. You only need to provide the url to the RPC service you want to use and the chainType property to decide which
lookup function to use:
const myBlockcertsV3Definition = {
...
};
const options = {
explorerAPIs: [{
serviceURL: 'https://rpc-mumbai.maticvigil.com/',
priority: 0,
apiType: 'rpc',
chainType: 'evm'
}]
};
const verificationSuite = new MerkleProof2019({ document: myBlockcertsV3Definition, options });
NOTE: you can use this approach to modify the provided RPC lookup functions.
You will need to additionally provide your own lookup function. Contrary to rest APIs in this package, the parsing function needs to make the calls to the RPC service by itself.
const myBlockcertsV3Definition = {
...
};
const options = {
explorerAPIs: [{
serviceURL: 'https://rpc-mumbai.maticvigil.com/',
priority: 0,
apiType: 'rpc',
chainType: 'evm',
parsingFunction: function ({ serverUrl, transactionId }: IParsingFunctionAPI): TransactionData { // note that function signature is different than for REST parsingFunctions
// your call to the `serverUrl` with the `transaction` id
// parse your service response in order to return the following information:
return {
remoteHash,
issuingAddress,
time,
revokedAddresses
}
}
}]
};
const verificationSuite = new MerkleProof2019({ document: myBlockcertsV3Definition, options });
FAQs
A jsonld signature implementation to support MerkleProof2019 verification in Verifiable Credential context
The npm package jsonld-signatures-merkleproof2019 receives a total of 71 weekly downloads. As such, jsonld-signatures-merkleproof2019 popularity was classified as not popular.
We found that jsonld-signatures-merkleproof2019 demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.