gmstn.systems / shard
decentralised message store
fork atom

refactor: did web factory

serenity 31a765e4 2c8bdef4

options
unified split
Changed files
+155 -10
src
lib
types
atproto.ts
utils
did.ts
routes
dot-well-known
did-dot-json
route.ts
+10 -10
src/lib/types/atproto.ts 
···

       
47

       
47

       
 

       
});


     

       
48

       
48

       
 

       
export type AtUri = z.infer<typeof atUriSchema>;


     

       
49

       
49

       
 

       



     

       

       
50

       
+

       
export const verificationMethodSchema = z.object({


     

       

       
51

       
+

       
    id: z.string(),


     

       

       
52

       
+

       
    type: z.string(),


     

       

       
53

       
+

       
    controller: z.string(),


     

       

       
54

       
+

       
    publicKeyMultibase: z.string(),


     

       

       
55

       
+

       
});


     

       

       
56

       
+

       
export type VerificationMethod = z.infer<typeof verificationMethodSchema>;


     

       

       
57

       
+

       



     

       
50

       
58

       
 

       
export const didDocumentSchema = z.object({


     

       

       
59

       
+

       
    "@context": z.array(z.string()),


     

       
51

       
60

       
 

       
    id: z.string(),


     

       
52

       
61

       
 

       
    alsoKnownAs: z.optional(z.array(z.string())),


     

       
53

       

       
-

       
    verificationMethod: z.optional(


     

       
54

       

       
-

       
        z.array(


     

       
55

       

       
-

       
            z.object({


     

       
56

       

       
-

       
                id: z.string(),


     

       
57

       

       
-

       
                type: z.string(),


     

       
58

       

       
-

       
                controller: z.string(),


     

       
59

       

       
-

       
                publicKeyMultibase: z.string(),


     

       
60

       

       
-

       
            }),


     

       
61

       

       
-

       
        ),


     

       
62

       

       
-

       
    ),


     

       

       
62

       
+

       
    verificationMethod: z.optional(z.array(verificationMethodSchema)),


     

       
63

       
63

       
 

       
    service: z.optional(


     

       
64

       
64

       
 

       
        z.array(


     

       
65

       
65

       
 

       
            z.object({
+102
src/lib/utils/did.ts 
···

       

       
1

       
+

       
import type {


     

       

       
2

       
+

       
    DidDocument,


     

       

       
3

       
+

       
    DidWeb,


     

       

       
4

       
+

       
    VerificationMethod,


     

       

       
5

       
+

       
} from "@/lib/types/atproto";


     

       

       
6

       
+

       
import { Secp256k1PrivateKeyExportable } from "@atcute/crypto";


     

       

       
7

       
+

       
import { toString as uint8arraysToString } from "uint8arrays";


     

       

       
8

       
+

       



     

       

       
9

       
+

       
export interface ServiceKeys {


     

       

       
10

       
+

       
    atproto: Secp256k1PrivateKeyExportable;


     

       

       
11

       
+

       
    service: Secp256k1PrivateKeyExportable;


     

       

       
12

       
+

       
}


     

       

       
13

       
+

       



     

       

       
14

       
+

       
export interface CreateDidWebDocResult {


     

       

       
15

       
+

       
    didDoc: DidDocument;


     

       

       
16

       
+

       
    keys: ServiceKeys;


     

       

       
17

       
+

       
}


     

       

       
18

       
+

       



     

       

       
19

       
+

       
export const createDidWebDoc = async (


     

       

       
20

       
+

       
    didWeb: DidWeb,


     

       

       
21

       
+

       
): Promise<CreateDidWebDocResult> => {


     

       

       
22

       
+

       
    const atprotoKey = await Secp256k1PrivateKeyExportable.createKeypair();


     

       

       
23

       
+

       
    const serviceKey = await Secp256k1PrivateKeyExportable.createKeypair();


     

       

       
24

       
+

       



     

       

       
25

       
+

       
    const atprotoMultikey = encodeMultikey(


     

       

       
26

       
+

       
        await atprotoKey.exportPublicKey("raw"),


     

       

       
27

       
+

       
    );


     

       

       
28

       
+

       
    const serviceMultikey = encodeMultikey(


     

       

       
29

       
+

       
        await atprotoKey.exportPublicKey("raw"),


     

       

       
30

       
+

       
    );


     

       

       
31

       
+

       



     

       

       
32

       
+

       
    const { domain, serviceEndpoint } = extractInfoFromDidWeb(didWeb);


     

       

       
33

       
+

       



     

       

       
34

       
+

       
    const verificationMethod: Array<VerificationMethod> = [


     

       

       
35

       
+

       
        {


     

       

       
36

       
+

       
            id: `${didWeb}#atproto`,


     

       

       
37

       
+

       
            type: "Multikey",


     

       

       
38

       
+

       
            controller: didWeb,


     

       

       
39

       
+

       
            publicKeyMultibase: atprotoMultikey,


     

       

       
40

       
+

       
        },


     

       

       
41

       
+

       
    ];


     

       

       
42

       
+

       



     

       

       
43

       
+

       
    const didDoc: DidDocument = {


     

       

       
44

       
+

       
        "@context": [


     

       

       
45

       
+

       
            "https://www.w3.org/ns/did/v1",


     

       

       
46

       
+

       
            "https://w3id.org/security/multikey/v1",


     

       

       
47

       
+

       
        ],


     

       

       
48

       
+

       
        id: didWeb,


     

       

       
49

       
+

       
        verificationMethod,


     

       

       
50

       
+

       
    };


     

       

       
51

       
+

       



     

       

       
52

       
+

       
    if (serviceEndpoint) {


     

       

       
53

       
+

       
        const serviceEndpointType = "GemstoneShard";


     

       

       
54

       
+

       



     

       

       
55

       
+

       
        const serviceEndpointUrl = `https://${domain}/`;


     

       

       
56

       
+

       



     

       

       
57

       
+

       
        // @ts-expect-error we are already adding the verificationMethod array above when we create didDoc.


     

       

       
58

       
+

       
        didDoc.verificationMethod.push({


     

       

       
59

       
+

       
            id: `${didWeb}#${serviceEndpoint}`,


     

       

       
60

       
+

       
            type: "Multikey",


     

       

       
61

       
+

       
            controller: didWeb,


     

       

       
62

       
+

       
            publicKeyMultibase: serviceMultikey,


     

       

       
63

       
+

       
        });


     

       

       
64

       
+

       



     

       

       
65

       
+

       
        didDoc.service = [


     

       

       
66

       
+

       
            {


     

       

       
67

       
+

       
                id: `${didWeb}#${serviceEndpoint}`,


     

       

       
68

       
+

       
                type: serviceEndpointType,


     

       

       
69

       
+

       
                serviceEndpoint: serviceEndpointUrl,


     

       

       
70

       
+

       
            },


     

       

       
71

       
+

       
        ];


     

       

       
72

       
+

       
    }


     

       

       
73

       
+

       



     

       

       
74

       
+

       
    return {


     

       

       
75

       
+

       
        didDoc,


     

       

       
76

       
+

       
        keys: {


     

       

       
77

       
+

       
            atproto: atprotoKey,


     

       

       
78

       
+

       
            service: serviceKey,


     

       

       
79

       
+

       
        },


     

       

       
80

       
+

       
    };


     

       

       
81

       
+

       
};


     

       

       
82

       
+

       



     

       

       
83

       
+

       
const encodeMultikey = (publicKeyBytes: Uint8Array) => {


     

       

       
84

       
+

       
    // For secp256k1 (K-256), prefix with 0xE701


     

       

       
85

       
+

       
    const prefixed = new Uint8Array(publicKeyBytes.length + 2);


     

       

       
86

       
+

       
    prefixed[0] = 0xe7;


     

       

       
87

       
+

       
    prefixed[1] = 0x01;


     

       

       
88

       
+

       
    prefixed.set(publicKeyBytes, 2);


     

       

       
89

       
+

       



     

       

       
90

       
+

       
    // Base58-btc encode with 'z' prefix


     

       

       
91

       
+

       
    const value = uint8arraysToString(prefixed, "base58btc");


     

       

       
92

       
+

       



     

       

       
93

       
+

       
    return "z" + value;


     

       

       
94

       
+

       
};


     

       

       
95

       
+

       



     

       

       
96

       
+

       
const extractInfoFromDidWeb = (didWeb: DidWeb) => {


     

       

       
97

       
+

       
    const fragments = didWeb.split("#");


     

       

       
98

       
+

       
    return {


     

       

       
99

       
+

       
        domain: fragments[0].replace("did:web:", ""),


     

       

       
100

       
+

       
        serviceEndpoint: fragments[1] as string | undefined,


     

       

       
101

       
+

       
    };


     

       

       
102

       
+

       
};
+43
src/routes/dot-well-known/did-dot-json/route.ts 
···

       

       
1

       
+

       
import { SERVICE_DID } from "@/lib/env";


     

       

       
2

       
+

       
import type { Did } from "@/lib/types/atproto";


     

       

       
3

       
+

       
import { didDocumentSchema, didWebSchema } from "@/lib/types/atproto";


     

       

       
4

       
+

       
import type { Route, RouteHandler } from "@/lib/types/routes";


     

       

       
5

       
+

       
import { createDidWebDoc } from "@/lib/utils/did";


     

       

       
6

       
+

       
import { newErrorResponse } from "@/lib/utils/http/responses";


     

       

       
7

       
+

       



     

       

       
8

       
+

       
const routeHandlerFactory = (did: Did) => {


     

       

       
9

       
+

       
    const serveDidPlc: RouteHandler = async () => {


     

       

       
10

       
+

       
        const plcDirectoryReq = new Request(`https://plc.directory/${did}`);


     

       

       
11

       
+

       
        const plcDirectoryRes = await fetch(plcDirectoryReq);


     

       

       
12

       
+

       
        const {


     

       

       
13

       
+

       
            success,


     

       

       
14

       
+

       
            data: didDocument,


     

       

       
15

       
+

       
            error,


     

       

       
16

       
+

       
        } = didDocumentSchema.safeParse(await plcDirectoryRes.json());


     

       

       
17

       
+

       



     

       

       
18

       
+

       
        if (!success)


     

       

       
19

       
+

       
            return newErrorResponse(500, {


     

       

       
20

       
+

       
                message:


     

       

       
21

       
+

       
                    "did:plc was not set properly. Either the Shard's did:plc is wrong, or the did:plc was not registered with a public ledger.",


     

       

       
22

       
+

       
                details: error,


     

       

       
23

       
+

       
            });


     

       

       
24

       
+

       



     

       

       
25

       
+

       
        return Response.json(didDocument);


     

       

       
26

       
+

       
    };


     

       

       
27

       
+

       



     

       

       
28

       
+

       
    const { success: isDidWeb, data: didWeb } = didWebSchema.safeParse(did);


     

       

       
29

       
+

       
    if (!isDidWeb) return serveDidPlc;


     

       

       
30

       
+

       



     

       

       
31

       
+

       
    const serveDidDoc: RouteHandler = () => {


     

       

       
32

       
+

       
        const didDoc = createDidWebDoc(didWeb);


     

       

       
33

       
+

       



     

       

       
34

       
+

       
        return Response.json(didDoc);


     

       

       
35

       
+

       
    };


     

       

       
36

       
+

       



     

       

       
37

       
+

       
    return serveDidDoc;


     

       

       
38

       
+

       
};


     

       

       
39

       
+

       



     

       

       
40

       
+

       
export const didWebDocRoute: Route = {


     

       

       
41

       
+

       
    method: "GET",


     

       

       
42

       
+

       
    handler: routeHandlerFactory(SERVICE_DID),


     

       

       
43

       
+

       
};