import { describe, it, expect, beforeAll, beforeEach, vi } from 'vitest' import { BrowserProvider, Contract, ethers, hexlify, toUtf8Bytes } from 'ethers' import { Resolvable } from 'did-resolver' import { EthrDidController } from '../controller' import { deployRegistry, randomAccount, sleep } from './testUtils' import { stringToBytes32, toMultibase } from '../helpers' describe('attributes', () => { let registryContract: Contract, didResolver: Resolvable, provider: BrowserProvider beforeAll(async () => { const reg = await deployRegistry() registryContract = reg.registryContract didResolver = reg.didResolver provider = reg.provider }) describe('invoking createSetAttributeHash', () => { it('sets the "encodedValue" to the passed hex encoded string (e.g. a public key)', async () => { expect.assertions(3) const { address: identity, signer } = await randomAccount(provider) const { pubKey: attrValue } = await randomAccount(provider) const attrName = 'did/pub/Secp256k1/veriKey' const controller = new EthrDidController(identity, registryContract, signer) const encodeAttributeValueSpy = vi.spyOn(controller, 'encodeAttributeValue') const ttl = 11111 await controller.createSetAttributeHash(attrName, attrValue, ttl) expect(encodeAttributeValueSpy).toHaveBeenCalledWith(attrValue) expect(encodeAttributeValueSpy).toHaveBeenCalledTimes(1) expect(encodeAttributeValueSpy).toHaveReturnedWith(attrValue) }) it('sets the "encodedValue" to a bytes encoded version of the passed attribute value (e.g. a service endpoint)', async () => { expect.assertions(3) const { address: identity, signer } = await randomAccount(provider) const attrValue = 'https://hubs.uport.me/service-endpoints-are-not-hex' const attrName = 'did/pub/Secp256k1/veriKey' const controller = new EthrDidController(identity, registryContract, signer) const encodeAttributeValueSpy = vi.spyOn(controller, 'encodeAttributeValue') const ttl = 11111 await controller.createSetAttributeHash(attrName, attrValue, ttl) expect(encodeAttributeValueSpy).toHaveBeenCalledWith(attrValue) expect(encodeAttributeValueSpy).toHaveBeenCalledTimes(1) const expectedEncodedValue = toUtf8Bytes(attrValue) expect(encodeAttributeValueSpy).toHaveReturnedWith(expectedEncodedValue) }) }) describe('invoking createRevokeAttributeHash', () => { beforeEach(() => { vi.clearAllMocks() }) it('sets the "encodedValue" to the passed hex encoded string (e.g. a public key)', async () => { expect.assertions(3) const { address: identity, signer } = await randomAccount(provider) const { pubKey: attrValue } = await randomAccount(provider) const attrName = 'did/pub/Secp256k1/veriKey' const controller = new EthrDidController(identity, registryContract, signer) const encodeAttributeValueSpy = vi.spyOn(controller, 'encodeAttributeValue') await controller.createRevokeAttributeHash(attrName, attrValue) expect(encodeAttributeValueSpy).toHaveBeenCalledWith(attrValue) expect(encodeAttributeValueSpy).toHaveBeenCalledTimes(1) expect(encodeAttributeValueSpy).toHaveReturnedWith(attrValue) }) it('sets the "encodedValue" to a bytes encoded version of the passed attribute value (e.g. a service endpoint)', async () => { expect.assertions(3) const { address: identity, signer } = await randomAccount(provider) const attrValue = 'https://hubs.uport.me/service-endpoints-are-not-hex' const attrName = 'did/pub/Secp256k1/veriKey' const controller = new EthrDidController(identity, registryContract, signer) const encodeAttributeValueSpy = vi.spyOn(controller, 'encodeAttributeValue') await controller.createRevokeAttributeHash(attrName, attrValue) expect(encodeAttributeValueSpy).toHaveBeenCalledWith(attrValue) expect(encodeAttributeValueSpy).toHaveBeenCalledTimes(1) const expectedEncodedValue = toUtf8Bytes(attrValue) expect(encodeAttributeValueSpy).toHaveReturnedWith(expectedEncodedValue) }) }) describe('add public keys', () => { it('add EcdsaSecp256k1VerificationKey2019 signing key', async () => { expect.assertions(1) const { address: identity, shortDID: did, signer } = await randomAccount(provider) const { pubKey } = await randomAccount(provider) await new EthrDidController(identity, registryContract, signer).setAttribute( 'did/pub/Secp256k1/veriKey', pubKey, 86401 ) const { didDocument } = await didResolver.resolve(did) expect(didDocument).toEqual({ '@context': expect.anything(), id: did, verificationMethod: [ { id: `${did}#controller`, type: 'EcdsaSecp256k1RecoveryMethod2020', controller: did, blockchainAccountId: `eip155:1337:${identity}`, }, { id: `${did}#delegate-1`, type: 'EcdsaSecp256k1VerificationKey2019', controller: did, publicKeyJwk: expect.objectContaining({ kty: 'EC', crv: 'secp256k1' }), }, ], authentication: [`${did}#controller`], assertionMethod: [`${did}#controller`, `${did}#delegate-1`], }) }) it('add Bls12381G2Key2020 assertion key via Multikey', async () => { expect.assertions(1) const { address: identity, shortDID: did, signer } = await randomAccount(provider) // 0xeb01 is the multicodec prefix for bls12_381-g2-pub; the on-chain value must include it const rawKey = toUtf8Bytes('public key material here') // 0x7075626c6963206b6579206d6174657269616c2068657265 const pubKey = hexlify(new Uint8Array([0xeb, 0x01, ...rawKey])) await new EthrDidController(identity, registryContract, signer).setAttribute( 'did/pub/Multikey', // attrName must fit into 32 bytes pubKey, 86401 ) const { didDocument } = await didResolver.resolve(did) expect(didDocument).toEqual({ '@context': expect.anything(), id: did, verificationMethod: [ { id: `${did}#controller`, type: 'EcdsaSecp256k1RecoveryMethod2020', controller: did, blockchainAccountId: `eip155:1337:${identity}`, }, { id: `${did}#delegate-1`, type: 'Multikey', controller: did, publicKeyMultibase: 'z8CNhpjgEH67cHtG4PWA1dS9udD1Z4pKmUCVA', }, ], authentication: [`${did}#controller`], assertionMethod: [`${did}#controller`, `${did}#delegate-1`], }) }) it('add Ed25519VerificationKey2020 authentication key', async () => { expect.assertions(1) const { address: identity, shortDID: did, signer } = await randomAccount(provider) const { pubKey } = await randomAccount(provider) await new EthrDidController(identity, registryContract, signer).setAttribute( 'did/pub/Ed25519/sigAuth/base64', pubKey, 86402 ) const { didDocument } = await didResolver.resolve(did) expect(didDocument).toEqual({ '@context': expect.anything(), id: did, verificationMethod: [ { id: `${did}#controller`, type: 'EcdsaSecp256k1RecoveryMethod2020', controller: did, blockchainAccountId: `eip155:1337:${identity}`, }, { id: `${did}#delegate-1`, type: 'Ed25519VerificationKey2020', controller: did, publicKeyMultibase: toMultibase(pubKey, new Uint8Array([0xed, 0x01])), }, ], authentication: [`${did}#controller`, `${did}#delegate-1`], assertionMethod: [`${did}#controller`, `${did}#delegate-1`], }) }) it('add X25519KeyAgreementKey2020 encryption key', async () => { expect.assertions(1) const { address: identity, shortDID: did, signer } = await randomAccount(provider) const pubKeyBase64 = 'MCowBQYDK2VuAyEAEYVXd3/7B4d0NxpSsA/tdVYdz5deYcR1U+ZkphdmEFI=' const pubKeyHex = ethers.hexlify(ethers.decodeBase64(pubKeyBase64)) await new EthrDidController(did, registryContract, signer).setAttribute( 'did/pub/X25519/enc/base64', pubKeyHex, 86404 ) const { didDocument } = await didResolver.resolve(did) expect(didDocument).toEqual({ '@context': expect.anything(), id: did, verificationMethod: [ { id: `${did}#controller`, type: 'EcdsaSecp256k1RecoveryMethod2020', controller: did, blockchainAccountId: `eip155:1337:${identity}`, }, { id: `${did}#delegate-1`, type: 'X25519KeyAgreementKey2020', controller: did, publicKeyMultibase: toMultibase(pubKeyHex, new Uint8Array([0xec, 0x01])), }, ], authentication: [`${did}#controller`], assertionMethod: [`${did}#controller`], keyAgreement: [`${did}#delegate-1`], }) }) it('add an imaginary key type', async () => { expect.assertions(1) const { address: identity, shortDID: did, signer } = await randomAccount(provider) const imaginaryKey = '0x1234567890' await new EthrDidController(did, registryContract, signer).setAttribute( 'did/pub/ImaginaryKey2023/veriKey', imaginaryKey, 86404 ) const { didDocument } = await didResolver.resolve(did) expect(didDocument).toEqual({ '@context': expect.anything(), id: did, verificationMethod: [ { id: `${did}#controller`, type: 'EcdsaSecp256k1RecoveryMethod2020', controller: did, blockchainAccountId: `eip155:1337:${identity}`, }, { id: `${did}#delegate-1`, type: 'ImaginaryKey2023', controller: did, publicKeyHex: imaginaryKey.slice(2), }, ], authentication: [`${did}#controller`], // This is a bug. Encryption keys should not be added to assertionMethod See #184 assertionMethod: [`${did}#controller`, `${did}#delegate-1`], }) }) }) describe('add service endpoints', () => { it('resolves document', async () => { expect.assertions(1) const { address: identity, shortDID: did, signer } = await randomAccount(provider) await new EthrDidController(identity, registryContract, signer).setAttribute( stringToBytes32('did/svc/HubService'), 'https://hubs.uport.me', 86405 ) const { didDocument } = await didResolver.resolve(did) expect(didDocument).toEqual({ '@context': expect.anything(), id: did, verificationMethod: [ { id: `${did}#controller`, type: 'EcdsaSecp256k1RecoveryMethod2020', controller: did, blockchainAccountId: `eip155:1337:${identity}`, }, ], authentication: [`${did}#controller`], assertionMethod: [`${did}#controller`], service: [ { id: `${did}#service-1`, type: 'HubService', serviceEndpoint: 'https://hubs.uport.me', }, ], }) }) }) describe('add expanded service endpoints', () => { it('resolves document', async () => { expect.assertions(2) const { address: identity, shortDID: did, signer } = await randomAccount(provider) await new EthrDidController(identity, registryContract, signer).setAttribute( stringToBytes32('did/svc/HubService'), JSON.stringify({ uri: 'https://hubs.uport.me', transportType: 'http' }), 86405 ) const { didDocument } = await didResolver.resolve(did) expect(didDocument).toEqual({ '@context': expect.anything(), id: did, verificationMethod: [ { id: `${did}#controller`, type: 'EcdsaSecp256k1RecoveryMethod2020', controller: did, blockchainAccountId: `eip155:1337:${identity}`, }, ], authentication: [expect.anything()], assertionMethod: [expect.anything()], service: [ { id: `${did}#service-1`, type: 'HubService', serviceEndpoint: { uri: 'https://hubs.uport.me', transportType: 'http' }, }, ], }) await new EthrDidController(identity, registryContract, signer).setAttribute( stringToBytes32('did/svc/HubService'), JSON.stringify([ { uri: 'https://hubs.uport.me', transportType: 'http' }, { uri: 'libp2p.star/123', transportType: 'libp2p' }, ]), 86405 ) const { didDocument: updatedDidDocument } = await didResolver.resolve(did) expect(updatedDidDocument).toEqual({ '@context': expect.anything(), id: did, verificationMethod: [expect.anything()], authentication: [expect.anything()], assertionMethod: [expect.anything()], service: [ { id: `${did}#service-1`, type: 'HubService', serviceEndpoint: { uri: 'https://hubs.uport.me', transportType: 'http' }, }, { id: `${did}#service-2`, type: 'HubService', serviceEndpoint: [ { uri: 'https://hubs.uport.me', transportType: 'http' }, { uri: 'libp2p.star/123', transportType: 'libp2p' }, ], }, ], }) }) }) describe('revoke attributes', () => { it('revoke EcdsaSecp256k1VerificationKey2019 signing key', async () => { expect.assertions(2) const { address: identity, shortDID: did, signer } = await randomAccount(provider) const { pubKey } = await randomAccount(provider) await new EthrDidController(identity, registryContract, signer).setAttribute( 'did/pub/Secp256k1/veriKey', pubKey, 86401 ) const { didDocument: didDocumentBefore } = await didResolver.resolve(did) expect(didDocumentBefore).toEqual({ '@context': expect.anything(), id: did, verificationMethod: [ { id: `${did}#controller`, type: 'EcdsaSecp256k1RecoveryMethod2020', controller: did, blockchainAccountId: `eip155:1337:${identity}`, }, { id: `${did}#delegate-1`, type: 'EcdsaSecp256k1VerificationKey2019', controller: did, publicKeyJwk: expect.objectContaining({ kty: 'EC', crv: 'secp256k1' }), }, ], authentication: [`${did}#controller`], assertionMethod: [`${did}#controller`, `${did}#delegate-1`], }) await new EthrDidController(identity, registryContract, signer).revokeAttribute( 'did/pub/Secp256k1/veriKey', pubKey ) const { didDocument: didDocumentAfter } = await didResolver.resolve(did) expect(didDocumentAfter).toEqual({ '@context': expect.anything(), id: did, verificationMethod: [ { id: `${did}#controller`, type: 'EcdsaSecp256k1RecoveryMethod2020', controller: did, blockchainAccountId: `eip155:1337:${identity}`, }, ], authentication: [`${did}#controller`], assertionMethod: [`${did}#controller`], }) }) it('revokes Ed25519VerificationKey2020 authentication key', async () => { expect.assertions(2) const { address: identity, shortDID: did, signer } = await randomAccount(provider) const { pubKey } = await randomAccount(provider) await new EthrDidController(identity, registryContract, signer).setAttribute( 'did/pub/Ed25519/sigAuth/base64', pubKey, 86402 ) const { didDocument: didDocumentBefore } = await didResolver.resolve(did) expect(didDocumentBefore).toEqual({ '@context': expect.anything(), id: did, verificationMethod: [ { id: `${did}#controller`, type: 'EcdsaSecp256k1RecoveryMethod2020', controller: did, blockchainAccountId: `eip155:1337:${identity}`, }, { id: `${did}#delegate-1`, type: 'Ed25519VerificationKey2020', controller: did, publicKeyMultibase: toMultibase(pubKey, new Uint8Array([0xed, 0x01])), }, ], authentication: [`${did}#controller`, `${did}#delegate-1`], assertionMethod: [`${did}#controller`, `${did}#delegate-1`], }) await new EthrDidController(identity, registryContract, signer).revokeAttribute( 'did/pub/Ed25519/sigAuth/base64', pubKey ) const { didDocument: didDocumentAfter } = await didResolver.resolve(did) expect(didDocumentAfter).toEqual({ '@context': expect.anything(), id: did, verificationMethod: [ { id: `${did}#controller`, type: 'EcdsaSecp256k1RecoveryMethod2020', controller: did, blockchainAccountId: `eip155:1337:${identity}`, }, ], authentication: [`${did}#controller`], assertionMethod: [`${did}#controller`], }) }) it('revokes service endpoint', async () => { expect.assertions(2) const { address: identity, shortDID: did, signer } = await randomAccount(provider) await new EthrDidController(identity, registryContract, signer).setAttribute( stringToBytes32('did/svc/HubService'), 'https://hubs.uport.me', 86405 ) const { didDocument: didDocumentBefore } = await didResolver.resolve(did) expect(didDocumentBefore).toEqual({ '@context': expect.anything(), id: did, verificationMethod: [ { id: `${did}#controller`, type: 'EcdsaSecp256k1RecoveryMethod2020', controller: did, blockchainAccountId: `eip155:1337:${identity}`, }, ], authentication: [`${did}#controller`], assertionMethod: [`${did}#controller`], service: [ { id: `${did}#service-1`, type: 'HubService', serviceEndpoint: 'https://hubs.uport.me', }, ], }) await new EthrDidController(identity, registryContract, signer).revokeAttribute( stringToBytes32('did/svc/HubService'), 'https://hubs.uport.me' ) const { didDocument: didDocumentAfter } = await didResolver.resolve(did) expect(didDocumentAfter).toEqual({ '@context': expect.anything(), id: did, verificationMethod: [ { id: `${did}#controller`, type: 'EcdsaSecp256k1RecoveryMethod2020', controller: did, blockchainAccountId: `eip155:1337:${identity}`, }, ], authentication: [`${did}#controller`], assertionMethod: [`${did}#controller`], }) }) it('expires key automatically', async () => { expect.assertions(2) const { address: identity, shortDID: did, signer } = await randomAccount(provider) const { pubKey } = await randomAccount(provider) const validitySeconds = 2 await new EthrDidController(identity, registryContract, signer).setAttribute( 'did/pub/Ed25519/sigAuth', pubKey, validitySeconds ) const { didDocument: didDocumentBefore } = await didResolver.resolve(did) expect(didDocumentBefore).toEqual({ '@context': expect.anything(), id: did, verificationMethod: [ { id: `${did}#controller`, type: 'EcdsaSecp256k1RecoveryMethod2020', controller: did, blockchainAccountId: `eip155:1337:${identity}`, }, { id: `${did}#delegate-1`, type: 'Ed25519VerificationKey2020', controller: did, publicKeyMultibase: toMultibase(pubKey, new Uint8Array([0xed, 0x01])), }, ], authentication: [`${did}#controller`, `${did}#delegate-1`], assertionMethod: [`${did}#controller`, `${did}#delegate-1`], }) await sleep((validitySeconds + 1) * 1000) const { didDocument: didDocumentAfter } = await didResolver.resolve(did) expect(didDocumentAfter).toEqual({ '@context': expect.anything(), id: did, verificationMethod: [ { id: `${did}#controller`, type: 'EcdsaSecp256k1RecoveryMethod2020', controller: did, blockchainAccountId: `eip155:1337:${identity}`, }, ], authentication: [`${did}#controller`], assertionMethod: [`${did}#controller`], }) }) }) })