Ed25519Signature2020 suite (@digitalbazaar/ed25519-signature-2020)

Ed25519Signature2020 Linked Data Proof suite for use with jsonld-signatures.

Table of Contents

• Background
• Security
• Install
• Usage
• Contribute
• Commercial Support
• License

Background

For use with https://github.com/digitalbazaar/jsonld-signatures v9.0 and above.

See also related specs:

• Ed25519Signature2020 Crypto Suite

Security

TBD

Install

• Browsers and Node.js 14+ are supported.

To install from NPM:

npm install @digitalbazaar/ed25519-signature-2020

To install locally (for development):

git clone https://github.com/digitalbazaar/ed25519-signature-2020.git
cd ed25519-signature-2020
npm install

Usage

The following code snippet provides a complete example of digitally signing a verifiable credential using this library:

import jsigs from 'jsonld-signatures';
const {purposes: {AssertionProofPurpose}} = jsigs;
import {Ed25519VerificationKey2020} from
  '@digitalbazaar/ed25519-verification-key-2020';
import {Ed25519Signature2020, suiteContext} from
  '@digitalbazaar/ed25519-signature-2020';

// create the unsigned credential
const unsignedCredential = {
  '@context': [
    'https://www.w3.org/2018/credentials/v1',
    {
      AlumniCredential: 'https://schema.org#AlumniCredential',
      alumniOf: 'https://schema.org#alumniOf'
    }
  ],
  id: 'http://example.edu/credentials/1872',
  type: [ 'VerifiableCredential', 'AlumniCredential' ],
  issuer: 'https://example.edu/issuers/565049',
  issuanceDate: '2010-01-01T19:23:24Z',
  credentialSubject: {
    id: 'https://example.edu/students/alice',
    alumniOf: 'Example University'
  }
};

// create the keypair to use when signing
const controller = 'https://example.edu/issuers/565049';
const keyPair = await Ed25519VerificationKey2020.from({
  type: 'Ed25519VerificationKey2020',
  controller,
  id: controller + '#z6MknCCLeeHBUaHu4aHSVLDCYQW9gjVJ7a63FpMvtuVMy53T',
  publicKeyMultibase: 'z6MknCCLeeHBUaHu4aHSVLDCYQW9gjVJ7a63FpMvtuVMy53T',
  privateKeyMultibase: 'zrv2EET2WWZ8T1Jbg4fEH5cQxhbUS22XxdweypUbjWVzv1YD6VqYu' +
    'W6LH7heQCNYQCuoKaDwvv2qCWz3uBzG2xesqmf'
});

const suite = new Ed25519Signature2020({key: keyPair});
suite.date = '2010-01-01T19:23:24Z';

signedCredential = await jsigs.sign(unsignedCredential, {
  suite,
  purpose: new AssertionProofPurpose(),
  documentLoader
});

// results in the following signed VC
{
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    {
      "AlumniCredential": "https://schema.org#AlumniCredential",
      "alumniOf": "https://schema.org#alumniOf"
    },
    "https://w3id.org/security/suites/ed25519-2020/v1"
  ],
  "id": "http://example.edu/credentials/1872",
  "type": ["VerifiableCredential", "AlumniCredential"],
  "issuer": "https://example.edu/issuers/565049",
  "issuanceDate": "2010-01-01T19:23:24Z",
  "credentialSubject": {
    "id": "https://example.edu/students/alice",
    "alumniOf": "Example University"
  },
  "proof": {
    "type": "Ed25519Signature2020",
    "created": "2010-01-01T19:23:24Z",
    "verificationMethod": "https://example.edu/issuers/565049#z6MknCCLeeHBUaHu4aHSVLDCYQW9gjVJ7a63FpMvtuVMy53T",
    "proofPurpose": "assertionMethod",
    "proofValue": "z3MvGcVxzRzzpKF1HA11EjvfPZsN8NAb7kXBRfeTm3CBg2gcJLQM5hZNmj6Ccd9Lk4C1YueiFZvkSx4FuHVYVouQk"
  }
}

Contribute

See the contribute file!

PRs accepted.

If editing the Readme, please conform to the standard-readme specification.

Commercial Support

Commercial support for this library is available upon request from Digital Bazaar: support@digitalbazaar.com

License

New BSD License (3-clause) © 2020 Digital Bazaar

@digitalbazaar/ed25519-signature-2020 Changelog

5.4.0 - 2024-08-01

Changed

• Use `jsonld-signature@11.3to getRDFC-1.0` implementation.

5.3.0 - 2024-06-15

Added

• Add support for Multikey verification methods.

Changed

• Loosen restrictions on verification methods that do not have contexts, allowing processing of well-known types in those cases.
• Allow publiKeyJwk to be used to express key material.

5.2.0 - 2023-02-13

Removed

• Remove unused expansionMap from matchProof() as it was removed from jsonld-signatures@11 which is required since version 5.0.

5.1.0 - 2023-02-07

Added

• Allow custom canonizeOptions to be passed in the construction of a suite as a stop-gap until hard requirements for canonize options are either set or advised to be certain values by a W3C working group.

5.0.0 - 2022-08-23

Changed

• BREAKING: Use jsonld-signatures@11 to get better safe mode protections when canonizing.

4.0.1 - 2022-06-06

Changed

• Update to jsonld-signatures@10.

4.0.0 - 2022-06-06

Changed

• BREAKING: Convert to module (ESM).
• BREAKING: Require Node.js >=14.
• Update dependencies.
• Lint module.

3.0.0 - 2021-06-19

Fixed

• BREAKING: Update to use new Ed25519VerificationKey2020 multicodec encoded key formats.

2.2.0 - 2021-05-26

Added

• It is now possible to verify Ed25519Signature2020 proofs using using 2018 keys.

Changed

• Replace @transmute/jsonld-document-loader with @digitalbazaar/security-document-loader in test.

2.1.0 - 2021-04-09

Added

• Export the suite's context (and related objects such as context url, documentLoader, etc), and also set them as a property of the suite class.
• Set the contextUrl property on suite instance, to support context enforcement during the sign() operation that was added to jsonld-signatures v9.0.1.

2.0.1 - 2021-04-09

Changed

• Use `ed25519-verification-key-2020@2.1.1`. Signer now has an "id" property.

2.0.0 - 2021-04-06

Changed

• BREAKING: Update to use jsonld-signatures v9.0 (removes verificationMethod suite constructor param, makes key and signer validation stricter).
• Fix initializing signer and verifier object by passing it to superclass.

1.0.0 - 2021-03-19

Added

• Initial files.