A DID Document Service used to enable trusted interactions associated with a DID subject.
StatusList2021 data structure as described in W3C's VC status list 2021.
+A parsed StatusList2021Credential.
+Builder type to construct valid StatusList2021Credential istances.
+StatusList2021Entry implementation.
+A type wrapping a JwkStorage and KeyIdStorage that should always be used together when
working with storage backed DID documents.
Controls validation behaviour when checking whether or not a credential has been revoked by its
-credentialStatus.
Validate the status if supported, reject any unsupported
-credentialStatus types.
Only RevocationBitmap2022 is currently supported.
This is the default.
-Validate the status if supported, skip any unsupported
-credentialStatus types.
Skip all status checks.
+Purpose of a StatusList2021.
Declares how credential subjects must relate to the presentation holder.
@@ -215,7 +215,24 @@ This variant is the default.Return after the first error occurs.
Controls validation behaviour when checking whether or not a credential has been revoked by its
+credentialStatus.
Validate the status if supported, reject any unsupported
+credentialStatus types.
Only RevocationBitmap2022 is currently supported.
This is the default.
+Validate the status if supported, skip any unsupported
+credentialStatus types.
Skip all status checks.
+This function does not check whether alg = EdDSA in the protected header. Callers are expected to assert this
prior to calling the function.
Initializes the console error panic hook for better error messages
-stringEncode the given bytes in url-safe base64.
Uint8ArrayDecode the given url-safe base64-encoded slice into its raw bytes.
Initializes the console error panic hook for better error messages
+Service](#Service) \| undefined
* [.resolveService(query)](#CoreDocument+resolveService) ⇒ [Service](#Service) \| undefined
- * [.methods(scope)](#CoreDocument+methods) ⇒ [Array.<VerificationMethod>](#VerificationMethod)
+ * [.methods([scope])](#CoreDocument+methods) ⇒ [Array.<VerificationMethod>](#VerificationMethod)
* [.verificationRelationships()](#CoreDocument+verificationRelationships) ⇒ Array.<(DIDUrl\|VerificationMethod)>
* [.insertMethod(method, scope)](#CoreDocument+insertMethod)
* [.removeMethod(did)](#CoreDocument+removeMethod) ⇒ [VerificationMethod](#VerificationMethod) \| undefined
- * [.resolveMethod(query, scope)](#CoreDocument+resolveMethod) ⇒ [VerificationMethod](#VerificationMethod) \| undefined
+ * [.resolveMethod(query, [scope])](#CoreDocument+resolveMethod) ⇒ [VerificationMethod](#VerificationMethod) \| undefined
* [.attachMethodRelationship(didUrl, relationship)](#CoreDocument+attachMethodRelationship) ⇒ boolean
* [.detachMethodRelationship(didUrl, relationship)](#CoreDocument+detachMethodRelationship) ⇒ boolean
- * [.verifyJws(jws, options, signatureVerifier, detachedPayload)](#CoreDocument+verifyJws) ⇒ [DecodedJws](#DecodedJws)
+ * [.verifyJws(jws, options, signatureVerifier, [detachedPayload])](#CoreDocument+verifyJws) ⇒ [DecodedJws](#DecodedJws)
* [.revokeCredentials(serviceQuery, indices)](#CoreDocument+revokeCredentials)
* [.unrevokeCredentials(serviceQuery, indices)](#CoreDocument+unrevokeCredentials)
* [.clone()](#CoreDocument+clone) ⇒ [CoreDocument](#CoreDocument)
@@ -474,7 +491,7 @@ if the object is being concurrently modified.
* [.generateMethod(storage, keyType, alg, fragment, scope)](#CoreDocument+generateMethod) ⇒ Promise.<string>
* [.purgeMethod(storage, id)](#CoreDocument+purgeMethod) ⇒ Promise.<void>
* [.createJws(storage, fragment, payload, options)](#CoreDocument+createJws) ⇒ [Promise.<Jws>](#Jws)
- * [.createCredentialJwt(storage, fragment, credential, options, custom_claims)](#CoreDocument+createCredentialJwt) ⇒ [Promise.<Jwt>](#Jwt)
+ * [.createCredentialJwt(storage, fragment, credential, options, [custom_claims])](#CoreDocument+createCredentialJwt) ⇒ [Promise.<Jwt>](#Jwt)
* [.createPresentationJwt(storage, fragment, presentation, signature_options, presentation_options)](#CoreDocument+createPresentationJwt) ⇒ [Promise.<Jwt>](#Jwt)
* _static_
* [.fromJSON(json)](#CoreDocument.fromJSON) ⇒ [CoreDocument](#CoreDocument)
@@ -654,7 +671,7 @@ if present.
-### coreDocument.methods(scope) ⇒ [Array.<VerificationMethod>](#VerificationMethod)
+### coreDocument.methods([scope]) ⇒ [Array.<VerificationMethod>](#VerificationMethod)
Returns a list of all [VerificationMethod](#VerificationMethod) in the DID Document,
whose verification relationship matches `scope`.
@@ -664,7 +681,7 @@ If `scope` is not set, a list over the **embedded** methods is returned.
| Param | Type |
| --- | --- |
-| scope | [MethodScope](#MethodScope) \| undefined |
+| [scope] | [MethodScope](#MethodScope) \| undefined |
@@ -697,7 +714,7 @@ Removes all references to the specified Verification Method.
-### coreDocument.resolveMethod(query, scope) ⇒ [VerificationMethod](#VerificationMethod) \| undefined
+### coreDocument.resolveMethod(query, [scope]) ⇒ [VerificationMethod](#VerificationMethod) \| undefined
Returns a copy of the first verification method with an `id` property
matching the provided `query` and the verification relationship
specified by `scope`, if present.
@@ -707,7 +724,7 @@ specified by `scope`, if present.
| Param | Type |
| --- | --- |
| query | [DIDUrl](#DIDUrl) \| string |
-| scope | [MethodScope](#MethodScope) \| undefined |
+| [scope] | [MethodScope](#MethodScope) \| undefined |
@@ -722,7 +739,7 @@ so it cannot be an embedded one.
| Param | Type |
| --- | --- |
| didUrl | [DIDUrl](#DIDUrl) |
-| relationship | number |
+| relationship | [MethodRelationship](#MethodRelationship) |
@@ -734,11 +751,11 @@ Detaches the given relationship from the given method, if the method exists.
| Param | Type |
| --- | --- |
| didUrl | [DIDUrl](#DIDUrl) |
-| relationship | number |
+| relationship | [MethodRelationship](#MethodRelationship) |
-### coreDocument.verifyJws(jws, options, signatureVerifier, detachedPayload) ⇒ [DecodedJws](#DecodedJws)
+### coreDocument.verifyJws(jws, options, signatureVerifier, [detachedPayload]) ⇒ [DecodedJws](#DecodedJws)
Decodes and verifies the provided JWS according to the passed `options` and `signatureVerifier`.
If no `signatureVerifier` argument is provided a default verifier will be used that is (only) capable of
verifying EdDSA signatures.
@@ -756,7 +773,7 @@ or set explicitly in the `options`.
| jws | [Jws](#Jws) |
| options | [JwsVerificationOptions](#JwsVerificationOptions) |
| signatureVerifier | IJwsVerifier |
-| detachedPayload | string \| undefined |
+| [detachedPayload] | string \| undefined |
@@ -865,7 +882,7 @@ See [RFC7515 section 3.1](https://www.rfc-editor.org/rfc/rfc7515#section-3.1).
-### coreDocument.createCredentialJwt(storage, fragment, credential, options, custom_claims) ⇒ [Promise.<Jwt>](#Jwt)
+### coreDocument.createCredentialJwt(storage, fragment, credential, options, [custom_claims]) ⇒ [Promise.<Jwt>](#Jwt)
Produces a JWT where the payload is produced from the given `credential`
in accordance with [VC Data Model v1.1](https://www.w3.org/TR/vc-data-model/#json-web-token).
@@ -883,7 +900,7 @@ The `custom_claims` can be used to set additional claims on the resulting JWT.
| fragment | string |
| credential | [Credential](#Credential) |
| options | [JwsSignatureOptions](#JwsSignatureOptions) |
-| custom_claims | Record.<string, any> \| undefined |
+| [custom_claims] | Record.<string, any> \| undefined |
@@ -939,8 +956,8 @@ Deserializes an instance from a plain JS representation.
* [.nonTransferable()](#Credential+nonTransferable) ⇒ boolean \| undefined
* [.proof()](#Credential+proof) ⇒ [Proof](#Proof) \| undefined
* [.properties()](#Credential+properties) ⇒ Map.<string, any>
- * [.setProof(proof)](#Credential+setProof)
- * [.toJwtClaims(custom_claims)](#Credential+toJwtClaims) ⇒ Record.<string, any>
+ * [.setProof([proof])](#Credential+setProof)
+ * [.toJwtClaims([custom_claims])](#Credential+toJwtClaims) ⇒ Record.<string, any>
* [.toJSON()](#Credential+toJSON) ⇒ any
* [.clone()](#Credential+clone) ⇒ [Credential](#Credential)
* _static_
@@ -1052,7 +1069,7 @@ Returns a copy of the miscellaneous properties on the [Credential](#Credential).
**Kind**: instance method of [Credential](#Credential)
-### credential.setProof(proof)
+### credential.setProof([proof])
Sets the `proof` property of the [Credential](#Credential).
Note that this proof is not related to JWT.
@@ -1061,11 +1078,11 @@ Note that this proof is not related to JWT.
| Param | Type |
| --- | --- |
-| proof | [Proof](#Proof) \| undefined |
+| [proof] | [Proof](#Proof) \| undefined |
-### credential.toJwtClaims(custom_claims) ⇒ Record.<string, any>
+### credential.toJwtClaims([custom_claims]) ⇒ Record.<string, any>
Serializes the `Credential` as a JWT claims set
in accordance with [VC Data Model v1.1](https://www.w3.org/TR/vc-data-model/#json-web-token).
@@ -1075,7 +1092,7 @@ The resulting object can be used as the payload of a JWS when issuing the creden
| Param | Type |
| --- | --- |
-| custom_claims | Record.<string, any> \| undefined |
+| [custom_claims] | Record.<string, any> \| undefined |
@@ -1133,11 +1150,11 @@ A method agnostic DID Url.
* [.did()](#DIDUrl+did) ⇒ [CoreDID](#CoreDID)
* [.urlStr()](#DIDUrl+urlStr) ⇒ string
* [.fragment()](#DIDUrl+fragment) ⇒ string \| undefined
- * [.setFragment(value)](#DIDUrl+setFragment)
+ * [.setFragment([value])](#DIDUrl+setFragment)
* [.path()](#DIDUrl+path) ⇒ string \| undefined
- * [.setPath(value)](#DIDUrl+setPath)
+ * [.setPath([value])](#DIDUrl+setPath)
* [.query()](#DIDUrl+query) ⇒ string \| undefined
- * [.setQuery(value)](#DIDUrl+setQuery)
+ * [.setQuery([value])](#DIDUrl+setQuery)
* [.join(segment)](#DIDUrl+join) ⇒ [DIDUrl](#DIDUrl)
* [.toString()](#DIDUrl+toString) ⇒ string
* [.toJSON()](#DIDUrl+toJSON) ⇒ any
@@ -1166,14 +1183,14 @@ Returns a copy of the [DIDUrl](#DIDUrl) method fragment, if any. Excludes the le
**Kind**: instance method of [DIDUrl](#DIDUrl)
-### didUrl.setFragment(value)
+### didUrl.setFragment([value])
Sets the `fragment` component of the [DIDUrl](#DIDUrl).
**Kind**: instance method of [DIDUrl](#DIDUrl)
| Param | Type |
| --- | --- |
-| value | string \| undefined |
+| [value] | string \| undefined |
@@ -1183,14 +1200,14 @@ Returns a copy of the [DIDUrl](#DIDUrl) path.
**Kind**: instance method of [DIDUrl](#DIDUrl)
-### didUrl.setPath(value)
+### didUrl.setPath([value])
Sets the `path` component of the [DIDUrl](#DIDUrl).
**Kind**: instance method of [DIDUrl](#DIDUrl)
| Param | Type |
| --- | --- |
-| value | string \| undefined |
+| [value] | string \| undefined |
@@ -1200,14 +1217,14 @@ Returns a copy of the [DIDUrl](#DIDUrl) method query, if any. Excludes the leadi
**Kind**: instance method of [DIDUrl](#DIDUrl)
-### didUrl.setQuery(value)
+### didUrl.setQuery([value])
Sets the `query` component of the [DIDUrl](#DIDUrl).
**Kind**: instance method of [DIDUrl](#DIDUrl)
| Param | Type |
| --- | --- |
-| value | string \| undefined |
+| [value] | string \| undefined |
@@ -1958,13 +1975,13 @@ if the object is being concurrently modified.
* [.insertService(service)](#IotaDocument+insertService)
* [.removeService(did)](#IotaDocument+removeService) ⇒ [Service](#Service) \| undefined
* [.resolveService(query)](#IotaDocument+resolveService) ⇒ [Service](#Service) \| undefined
- * [.methods(scope)](#IotaDocument+methods) ⇒ [Array.<VerificationMethod>](#VerificationMethod)
+ * [.methods([scope])](#IotaDocument+methods) ⇒ [Array.<VerificationMethod>](#VerificationMethod)
* [.insertMethod(method, scope)](#IotaDocument+insertMethod)
* [.removeMethod(did)](#IotaDocument+removeMethod) ⇒ [VerificationMethod](#VerificationMethod) \| undefined
- * [.resolveMethod(query, scope)](#IotaDocument+resolveMethod) ⇒ [VerificationMethod](#VerificationMethod) \| undefined
+ * [.resolveMethod(query, [scope])](#IotaDocument+resolveMethod) ⇒ [VerificationMethod](#VerificationMethod) \| undefined
* [.attachMethodRelationship(didUrl, relationship)](#IotaDocument+attachMethodRelationship) ⇒ boolean
* [.detachMethodRelationship(didUrl, relationship)](#IotaDocument+detachMethodRelationship) ⇒ boolean
- * [.verifyJws(jws, options, signatureVerifier, detachedPayload)](#IotaDocument+verifyJws) ⇒ [DecodedJws](#DecodedJws)
+ * [.verifyJws(jws, options, signatureVerifier, [detachedPayload])](#IotaDocument+verifyJws) ⇒ [DecodedJws](#DecodedJws)
* [.pack()](#IotaDocument+pack) ⇒ Uint8Array
* [.packWithEncoding(encoding)](#IotaDocument+packWithEncoding) ⇒ Uint8Array
* [.metadata()](#IotaDocument+metadata) ⇒ [IotaDocumentMetadata](#IotaDocumentMetadata)
@@ -1973,7 +1990,7 @@ if the object is being concurrently modified.
* [.metadataUpdated()](#IotaDocument+metadataUpdated) ⇒ [Timestamp](#Timestamp) \| undefined
* [.setMetadataUpdated(timestamp)](#IotaDocument+setMetadataUpdated)
* [.metadataDeactivated()](#IotaDocument+metadataDeactivated) ⇒ boolean \| undefined
- * [.setMetadataDeactivated(deactivated)](#IotaDocument+setMetadataDeactivated)
+ * [.setMetadataDeactivated([deactivated])](#IotaDocument+setMetadataDeactivated)
* [.metadataStateControllerAddress()](#IotaDocument+metadataStateControllerAddress) ⇒ string \| undefined
* [.metadataGovernorAddress()](#IotaDocument+metadataGovernorAddress) ⇒ string \| undefined
* [.setMetadataPropertyUnchecked(key, value)](#IotaDocument+setMetadataPropertyUnchecked)
@@ -1988,7 +2005,7 @@ if the object is being concurrently modified.
* [.purgeMethod(storage, id)](#IotaDocument+purgeMethod) ⇒ Promise.<void>
* ~~[.createJwt(storage, fragment, payload, options)](#IotaDocument+createJwt) ⇒ [Promise.<Jws>](#Jws)~~
* [.createJws(storage, fragment, payload, options)](#IotaDocument+createJws) ⇒ [Promise.<Jws>](#Jws)
- * [.createCredentialJwt(storage, fragment, credential, options, custom_claims)](#IotaDocument+createCredentialJwt) ⇒ [Promise.<Jwt>](#Jwt)
+ * [.createCredentialJwt(storage, fragment, credential, options, [custom_claims])](#IotaDocument+createCredentialJwt) ⇒ [Promise.<Jwt>](#Jwt)
* [.createPresentationJwt(storage, fragment, presentation, signature_options, presentation_options)](#IotaDocument+createPresentationJwt) ⇒ [Promise.<Jwt>](#Jwt)
* _static_
* [.newWithId(id)](#IotaDocument.newWithId) ⇒ [IotaDocument](#IotaDocument)
@@ -2108,7 +2125,7 @@ if present.
-### iotaDocument.methods(scope) ⇒ [Array.<VerificationMethod>](#VerificationMethod)
+### iotaDocument.methods([scope]) ⇒ [Array.<VerificationMethod>](#VerificationMethod)
Returns a list of all [VerificationMethod](#VerificationMethod) in the DID Document,
whose verification relationship matches `scope`.
@@ -2118,7 +2135,7 @@ If `scope` is not set, a list over the **embedded** methods is returned.
| Param | Type |
| --- | --- |
-| scope | [MethodScope](#MethodScope) \| undefined |
+| [scope] | [MethodScope](#MethodScope) \| undefined |
@@ -2145,7 +2162,7 @@ Removes all references to the specified Verification Method.
-### iotaDocument.resolveMethod(query, scope) ⇒ [VerificationMethod](#VerificationMethod) \| undefined
+### iotaDocument.resolveMethod(query, [scope]) ⇒ [VerificationMethod](#VerificationMethod) \| undefined
Returns a copy of the first verification method with an `id` property
matching the provided `query` and the verification relationship
specified by `scope`, if present.
@@ -2155,7 +2172,7 @@ specified by `scope`, if present.
| Param | Type |
| --- | --- |
| query | [DIDUrl](#DIDUrl) \| string |
-| scope | [MethodScope](#MethodScope) \| undefined |
+| [scope] | [MethodScope](#MethodScope) \| undefined |
@@ -2170,7 +2187,7 @@ so it cannot be an embedded one.
| Param | Type |
| --- | --- |
| didUrl | [DIDUrl](#DIDUrl) |
-| relationship | number |
+| relationship | [MethodRelationship](#MethodRelationship) |
@@ -2182,11 +2199,11 @@ Detaches the given relationship from the given method, if the method exists.
| Param | Type |
| --- | --- |
| didUrl | [DIDUrl](#DIDUrl) |
-| relationship | number |
+| relationship | [MethodRelationship](#MethodRelationship) |
-### iotaDocument.verifyJws(jws, options, signatureVerifier, detachedPayload) ⇒ [DecodedJws](#DecodedJws)
+### iotaDocument.verifyJws(jws, options, signatureVerifier, [detachedPayload]) ⇒ [DecodedJws](#DecodedJws)
Decodes and verifies the provided JWS according to the passed `options` and `signatureVerifier`.
If no `signatureVerifier` argument is provided a default verifier will be used that is (only) capable of
verifying EdDSA signatures.
@@ -2203,7 +2220,7 @@ take place.
| jws | [Jws](#Jws) |
| options | [JwsVerificationOptions](#JwsVerificationOptions) |
| signatureVerifier | IJwsVerifier |
-| detachedPayload | string \| undefined |
+| [detachedPayload] | string \| undefined |
@@ -2221,7 +2238,7 @@ Serializes the document for inclusion in an Alias Output's state metadata.
| Param | Type |
| --- | --- |
-| encoding | number |
+| encoding | [StateMetadataEncoding](#StateMetadataEncoding) |
@@ -2274,14 +2291,14 @@ Returns a copy of the deactivated status of the DID document.
**Kind**: instance method of [IotaDocument](#IotaDocument)
-### iotaDocument.setMetadataDeactivated(deactivated)
+### iotaDocument.setMetadataDeactivated([deactivated])
Sets the deactivated status of the DID document.
**Kind**: instance method of [IotaDocument](#IotaDocument)
| Param | Type |
| --- | --- |
-| deactivated | boolean \| undefined |
+| [deactivated] | boolean \| undefined |
@@ -2441,7 +2458,7 @@ See [RFC7515 section 3.1](https://www.rfc-editor.org/rfc/rfc7515#section-3.1).
-### iotaDocument.createCredentialJwt(storage, fragment, credential, options, custom_claims) ⇒ [Promise.<Jwt>](#Jwt)
+### iotaDocument.createCredentialJwt(storage, fragment, credential, options, [custom_claims]) ⇒ [Promise.<Jwt>](#Jwt)
Produces a JWS where the payload is produced from the given `credential`
in accordance with [VC Data Model v1.1](https://www.w3.org/TR/vc-data-model/#json-web-token).
@@ -2459,7 +2476,7 @@ The `custom_claims` can be used to set additional claims on the resulting JWT.
| fragment | string |
| credential | [Credential](#Credential) |
| options | [JwsSignatureOptions](#JwsSignatureOptions) |
-| custom_claims | Record.<string, any> \| undefined |
+| [custom_claims] | Record.<string, any> \| undefined |
@@ -2628,7 +2645,7 @@ and resolution of DID documents in Alias Outputs.
**Kind**: global class
* [IotaIdentityClientExt](#IotaIdentityClientExt)
- * [.newDidOutput(client, address, document, rentStructure)](#IotaIdentityClientExt.newDidOutput) ⇒ Promise.<AliasOutputBuilderParams>
+ * [.newDidOutput(client, address, document, [rentStructure])](#IotaIdentityClientExt.newDidOutput) ⇒ Promise.<AliasOutputBuilderParams>
* [.updateDidOutput(client, document)](#IotaIdentityClientExt.updateDidOutput) ⇒ Promise.<AliasOutputBuilderParams>
* [.deactivateDidOutput(client, did)](#IotaIdentityClientExt.deactivateDidOutput) ⇒ Promise.<AliasOutputBuilderParams>
* [.resolveDid(client, did)](#IotaIdentityClientExt.resolveDid) ⇒ [Promise.<IotaDocument>](#IotaDocument)
@@ -2636,7 +2653,7 @@ and resolution of DID documents in Alias Outputs.
-### IotaIdentityClientExt.newDidOutput(client, address, document, rentStructure) ⇒ Promise.<AliasOutputBuilderParams>
+### IotaIdentityClientExt.newDidOutput(client, address, document, [rentStructure]) ⇒ Promise.<AliasOutputBuilderParams>
Create a DID with a new Alias Output containing the given `document`.
The `address` will be set as the state controller and governor unlock conditions.
@@ -2653,7 +2670,7 @@ NOTE: this does *not* publish the Alias Output.
| client | IIotaIdentityClient |
| address | Address |
| document | [IotaDocument](#IotaDocument) |
-| rentStructure | IRent \| undefined |
+| [rentStructure] | IRent \| undefined |
@@ -3302,7 +3319,7 @@ Deserializes an instance from a JSON object.
**Kind**: global class
* [JwsSignatureOptions](#JwsSignatureOptions)
- * [new JwsSignatureOptions(options)](#new_JwsSignatureOptions_new)
+ * [new JwsSignatureOptions([options])](#new_JwsSignatureOptions_new)
* _instance_
* [.setAttachJwk(value)](#JwsSignatureOptions+setAttachJwk)
* [.setB64(value)](#JwsSignatureOptions+setB64)
@@ -3320,11 +3337,11 @@ Deserializes an instance from a JSON object.
-### new JwsSignatureOptions(options)
+### new JwsSignatureOptions([options])
| Param | Type |
| --- | --- |
-| options | IJwsSignatureOptions \| undefined |
+| [options] | IJwsSignatureOptions \| undefined |
@@ -3454,7 +3471,7 @@ Deserializes an instance from a JSON object.
**Kind**: global class
* [JwsVerificationOptions](#JwsVerificationOptions)
- * [new JwsVerificationOptions(options)](#new_JwsVerificationOptions_new)
+ * [new JwsVerificationOptions([options])](#new_JwsVerificationOptions_new)
* _instance_
* [.setNonce(value)](#JwsVerificationOptions+setNonce)
* [.setMethodScope(value)](#JwsVerificationOptions+setMethodScope)
@@ -3466,13 +3483,13 @@ Deserializes an instance from a JSON object.
-### new JwsVerificationOptions(options)
+### new JwsVerificationOptions([options])
Creates a new [JwsVerificationOptions](#JwsVerificationOptions) from the given fields.
| Param | Type |
| --- | --- |
-| options | IJwsVerificationOptions \| undefined |
+| [options] | IJwsVerificationOptions \| undefined |
@@ -3593,7 +3610,7 @@ Options to declare validation criteria when validating credentials.
**Kind**: global class
* [JwtCredentialValidationOptions](#JwtCredentialValidationOptions)
- * [new JwtCredentialValidationOptions(options)](#new_JwtCredentialValidationOptions_new)
+ * [new JwtCredentialValidationOptions([options])](#new_JwtCredentialValidationOptions_new)
* _instance_
* [.toJSON()](#JwtCredentialValidationOptions+toJSON) ⇒ any
* [.clone()](#JwtCredentialValidationOptions+clone) ⇒ [JwtCredentialValidationOptions](#JwtCredentialValidationOptions)
@@ -3602,11 +3619,11 @@ Options to declare validation criteria when validating credentials.
-### new JwtCredentialValidationOptions(options)
+### new JwtCredentialValidationOptions([options])
| Param | Type |
| --- | --- |
-| options | IJwtCredentialValidationOptions \| undefined |
+| [options] | IJwtCredentialValidationOptions \| undefined |
@@ -3648,6 +3665,7 @@ A type for decoding and validating [Credential](#Credential).
* [.checkIssuedOnOrBefore(credential, timestamp)](#JwtCredentialValidator.checkIssuedOnOrBefore)
* [.checkSubjectHolderRelationship(credential, holder, relationship)](#JwtCredentialValidator.checkSubjectHolderRelationship)
* [.checkStatus(credential, trustedIssuers, statusCheck)](#JwtCredentialValidator.checkStatus)
+ * [.checkStatusWithStatusList2021(credential, status_list, status_check)](#JwtCredentialValidator.checkStatusWithStatusList2021)
* [.extractIssuer(credential)](#JwtCredentialValidator.extractIssuer) ⇒ [CoreDID](#CoreDID)
* [.extractIssuerFromJwt(credential)](#JwtCredentialValidator.extractIssuerFromJwt) ⇒ [CoreDID](#CoreDID)
@@ -3698,7 +3716,7 @@ An error is returned whenever a validated condition is not satisfied.
| credential_jwt | [Jwt](#Jwt) |
| issuer | [CoreDocument](#CoreDocument) \| IToCoreDocument |
| options | [JwtCredentialValidationOptions](#JwtCredentialValidationOptions) |
-| fail_fast | number |
+| fail_fast | [FailFast](#FailFast) |
@@ -3764,7 +3782,7 @@ Validate that the relationship between the `holder` and the credential subjects
| --- | --- |
| credential | [Credential](#Credential) |
| holder | string |
-| relationship | number |
+| relationship | [SubjectHolderRelationship](#SubjectHolderRelationship) |
@@ -3779,7 +3797,20 @@ Only supports `RevocationBitmap2022`.
| --- | --- |
| credential | [Credential](#Credential) |
| trustedIssuers | Array.<(CoreDocument\|IToCoreDocument)> |
-| statusCheck | number |
+| statusCheck | [StatusCheck](#StatusCheck) |
+
+
+
+### JwtCredentialValidator.checkStatusWithStatusList2021(credential, status_list, status_check)
+Checks wheter the credential status has been revoked using `StatusList2021`.
+
+**Kind**: static method of [JwtCredentialValidator](#JwtCredentialValidator)
+
+| Param | Type |
+| --- | --- |
+| credential | [Credential](#Credential) |
+| status_list | [StatusList2021Credential](#StatusList2021Credential) |
+| status_check | [StatusCheck](#StatusCheck) |
@@ -3885,7 +3916,7 @@ Error will be thrown in case the validation fails.
**Kind**: global class
* [JwtPresentationOptions](#JwtPresentationOptions)
- * [new JwtPresentationOptions(options)](#new_JwtPresentationOptions_new)
+ * [new JwtPresentationOptions([options])](#new_JwtPresentationOptions_new)
* _instance_
* [.toJSON()](#JwtPresentationOptions+toJSON) ⇒ any
* [.clone()](#JwtPresentationOptions+clone) ⇒ [JwtPresentationOptions](#JwtPresentationOptions)
@@ -3894,7 +3925,7 @@ Error will be thrown in case the validation fails.
-### new JwtPresentationOptions(options)
+### new JwtPresentationOptions([options])
Creates a new [JwtPresentationOptions](#JwtPresentationOptions) from the given fields.
Throws an error if any of the options are invalid.
@@ -3902,7 +3933,7 @@ Throws an error if any of the options are invalid.
| Param | Type |
| --- | --- |
-| options | IJwtPresentationOptions \| undefined |
+| [options] | IJwtPresentationOptions \| undefined |
@@ -3935,7 +3966,7 @@ Options to declare validation criteria when validating presentation.
**Kind**: global class
* [JwtPresentationValidationOptions](#JwtPresentationValidationOptions)
- * [new JwtPresentationValidationOptions(options)](#new_JwtPresentationValidationOptions_new)
+ * [new JwtPresentationValidationOptions([options])](#new_JwtPresentationValidationOptions_new)
* _instance_
* [.toJSON()](#JwtPresentationValidationOptions+toJSON) ⇒ any
* [.clone()](#JwtPresentationValidationOptions+clone) ⇒ [JwtPresentationValidationOptions](#JwtPresentationValidationOptions)
@@ -3944,7 +3975,7 @@ Options to declare validation criteria when validating presentation.
-### new JwtPresentationValidationOptions(options)
+### new JwtPresentationValidationOptions([options])
Creates a new [JwtPresentationValidationOptions](#JwtPresentationValidationOptions) from the given fields.
Throws an error if any of the options are invalid.
@@ -3952,7 +3983,7 @@ Throws an error if any of the options are invalid.
| Param | Type |
| --- | --- |
-| options | IJwtPresentationValidationOptions \| undefined |
+| [options] | IJwtPresentationValidationOptions \| undefined |
@@ -4072,7 +4103,7 @@ Options to declare validation criteria when validating credentials.
**Kind**: global class
* [KeyBindingJWTValidationOptions](#KeyBindingJWTValidationOptions)
- * [new KeyBindingJWTValidationOptions(options)](#new_KeyBindingJWTValidationOptions_new)
+ * [new KeyBindingJWTValidationOptions([options])](#new_KeyBindingJWTValidationOptions_new)
* _instance_
* [.toJSON()](#KeyBindingJWTValidationOptions+toJSON) ⇒ any
* [.clone()](#KeyBindingJWTValidationOptions+clone) ⇒ [KeyBindingJWTValidationOptions](#KeyBindingJWTValidationOptions)
@@ -4081,11 +4112,11 @@ Options to declare validation criteria when validating credentials.
-### new KeyBindingJWTValidationOptions(options)
+### new KeyBindingJWTValidationOptions([options])
| Param | Type |
| --- | --- |
-| options | IKeyBindingJWTValidationOptions \| undefined |
+| [options] | IKeyBindingJWTValidationOptions \| undefined |
@@ -4118,7 +4149,7 @@ Claims set for key binding JWT.
**Kind**: global class
* [KeyBindingJwtClaims](#KeyBindingJwtClaims)
- * [new KeyBindingJwtClaims(jwt, disclosures, nonce, aud, issued_at, custom_properties)](#new_KeyBindingJwtClaims_new)
+ * [new KeyBindingJwtClaims(jwt, disclosures, nonce, aud, [issued_at], [custom_properties])](#new_KeyBindingJwtClaims_new)
* _instance_
* [.toString()](#KeyBindingJwtClaims+toString) ⇒ string
* [.iat()](#KeyBindingJwtClaims+iat) ⇒ bigint
@@ -4134,7 +4165,7 @@ Claims set for key binding JWT.
-### new KeyBindingJwtClaims(jwt, disclosures, nonce, aud, issued_at, custom_properties)
+### new KeyBindingJwtClaims(jwt, disclosures, nonce, aud, [issued_at], [custom_properties])
Creates a new [`KeyBindingJwtClaims`].
When `issued_at` is left as None, it will automatically default to the current time.
@@ -4148,8 +4179,8 @@ When `issued_at` is set to `None` and the system returns time earlier than `Syst
| disclosures | Array.<string> |
| nonce | string |
| aud | string |
-| issued_at | [Timestamp](#Timestamp) \| undefined |
-| custom_properties | Record.<string, any> \| undefined |
+| [issued_at] | [Timestamp](#Timestamp) \| undefined |
+| [custom_properties] | Record.<string, any> \| undefined |
@@ -4586,7 +4617,7 @@ Deserializes an instance from a JSON object.
* [.refreshService()](#Presentation+refreshService) ⇒ Array.<RefreshService>
* [.termsOfUse()](#Presentation+termsOfUse) ⇒ Array.<Policy>
* [.proof()](#Presentation+proof) ⇒ [Proof](#Proof) \| undefined
- * [.setProof(proof)](#Presentation+setProof)
+ * [.setProof([proof])](#Presentation+setProof)
* [.properties()](#Presentation+properties) ⇒ Map.<string, any>
* [.toJSON()](#Presentation+toJSON) ⇒ any
* [.clone()](#Presentation+clone) ⇒ [Presentation](#Presentation)
@@ -4655,7 +4686,7 @@ Optional cryptographic proof, unrelated to JWT.
**Kind**: instance method of [Presentation](#Presentation)
-### presentation.setProof(proof)
+### presentation.setProof([proof])
Sets the proof property of the [Presentation](#Presentation).
Note that this proof is not related to JWT.
@@ -4664,7 +4695,7 @@ Note that this proof is not related to JWT.
| Param | Type |
| --- | --- |
-| proof | [Proof](#Proof) \| undefined |
+| [proof] | [Proof](#Proof) \| undefined |
@@ -4953,7 +4984,7 @@ Representation of an SD-JWT of the format
**Kind**: global class
* [SdJwt](#SdJwt)
- * [new SdJwt(jwt, disclosures, key_binding_jwt)](#new_SdJwt_new)
+ * [new SdJwt(jwt, disclosures, [key_binding_jwt])](#new_SdJwt_new)
* _instance_
* [.presentation()](#SdJwt+presentation) ⇒ string
* [.toString()](#SdJwt+toString) ⇒ string
@@ -4968,7 +4999,7 @@ Representation of an SD-JWT of the format
-### new SdJwt(jwt, disclosures, key_binding_jwt)
+### new SdJwt(jwt, disclosures, [key_binding_jwt])
Creates a new `SdJwt` from its components.
@@ -4976,7 +5007,7 @@ Creates a new `SdJwt` from its components.
| --- | --- |
| jwt | string |
| disclosures | Array.<string> |
-| key_binding_jwt | string \| undefined |
+| [key_binding_jwt] | string \| undefined |
@@ -5108,7 +5139,7 @@ An error is returned whenever a validated condition is not satisfied.
| sd_jwt | [SdJwt](#SdJwt) |
| issuer | [CoreDocument](#CoreDocument) \| IToCoreDocument |
| options | [JwtCredentialValidationOptions](#JwtCredentialValidationOptions) |
-| fail_fast | number |
+| fail_fast | [FailFast](#FailFast) |
@@ -5201,8 +5232,8 @@ Note: digests are created using the sha-256 algorithm.
* [SdObjectEncoder](#SdObjectEncoder)
* [new SdObjectEncoder(object)](#new_SdObjectEncoder_new)
- * [.conceal(path, salt)](#SdObjectEncoder+conceal) ⇒ [Disclosure](#Disclosure)
- * [.concealArrayEntry(path, element_index, salt)](#SdObjectEncoder+concealArrayEntry) ⇒ [Disclosure](#Disclosure)
+ * [.conceal(path, [salt])](#SdObjectEncoder+conceal) ⇒ [Disclosure](#Disclosure)
+ * [.concealArrayEntry(path, element_index, [salt])](#SdObjectEncoder+concealArrayEntry) ⇒ [Disclosure](#Disclosure)
* [.addSdAlgProperty()](#SdObjectEncoder+addSdAlgProperty)
* [.encodeToString()](#SdObjectEncoder+encodeToString) ⇒ string
* [.toString()](#SdObjectEncoder+toString) ⇒ string
@@ -5222,7 +5253,7 @@ Creates a new `SdObjectEncoder` with `sha-256` hash function.
-### sdObjectEncoder.conceal(path, salt) ⇒ [Disclosure](#Disclosure)
+### sdObjectEncoder.conceal(path, [salt]) ⇒ [Disclosure](#Disclosure)
Substitutes a value with the digest of its disclosure.
If no salt is provided, the disclosure will be created with a random salt value.
@@ -5241,11 +5272,11 @@ Use `concealArrayEntry` for values in arrays.
| Param | Type |
| --- | --- |
| path | Array.<string> |
-| salt | string \| undefined |
+| [salt] | string \| undefined |
-### sdObjectEncoder.concealArrayEntry(path, element_index, salt) ⇒ [Disclosure](#Disclosure)
+### sdObjectEncoder.concealArrayEntry(path, element_index, [salt]) ⇒ [Disclosure](#Disclosure)
Substitutes a value within an array with the digest of its disclosure.
If no salt is provided, the disclosure will be created with random salt value.
@@ -5263,7 +5294,7 @@ the index of the element to be concealed (index start at 0).
| --- | --- |
| path | Array.<string> |
| element_index | number |
-| salt | string \| undefined |
+| [salt] | string \| undefined |
@@ -5383,6 +5414,365 @@ Deserializes an instance from a JSON object.
| --- | --- |
| json | any |
+
+
+## StatusList2021
+StatusList2021 data structure as described in [W3C's VC status list 2021](https://www.w3.org/TR/2023/WD-vc-status-list-20230427/).
+
+**Kind**: global class
+
+* [StatusList2021](#StatusList2021)
+ * [new StatusList2021([size])](#new_StatusList2021_new)
+ * _instance_
+ * [.clone()](#StatusList2021+clone) ⇒ [StatusList2021](#StatusList2021)
+ * [.len()](#StatusList2021+len) ⇒ number
+ * [.get(index)](#StatusList2021+get) ⇒ boolean
+ * [.set(index, value)](#StatusList2021+set)
+ * [.intoEncodedStr()](#StatusList2021+intoEncodedStr) ⇒ string
+ * _static_
+ * [.fromEncodedStr(s)](#StatusList2021.fromEncodedStr) ⇒ [StatusList2021](#StatusList2021)
+
+
+
+### new StatusList2021([size])
+Creates a new [StatusList2021](#StatusList2021) of `size` entries.
+
+
+| Param | Type |
+| --- | --- |
+| [size] | number \| undefined |
+
+
+
+### statusList2021.clone() ⇒ [StatusList2021](#StatusList2021)
+Deep clones the object.
+
+**Kind**: instance method of [StatusList2021](#StatusList2021)
+
+
+### statusList2021.len() ⇒ number
+Returns the number of entries in this [StatusList2021](#StatusList2021).
+
+**Kind**: instance method of [StatusList2021](#StatusList2021)
+
+
+### statusList2021.get(index) ⇒ boolean
+Returns whether the entry at `index` is set.
+
+**Kind**: instance method of [StatusList2021](#StatusList2021)
+
+| Param | Type |
+| --- | --- |
+| index | number |
+
+
+
+### statusList2021.set(index, value)
+Sets the value of the `index`-th entry.
+
+**Kind**: instance method of [StatusList2021](#StatusList2021)
+
+| Param | Type |
+| --- | --- |
+| index | number |
+| value | boolean |
+
+
+
+### statusList2021.intoEncodedStr() ⇒ string
+Encodes this [StatusList2021](#StatusList2021) into its compressed
+base64 string representation.
+
+**Kind**: instance method of [StatusList2021](#StatusList2021)
+
+
+### StatusList2021.fromEncodedStr(s) ⇒ [StatusList2021](#StatusList2021)
+Attempts to decode a [StatusList2021](#StatusList2021) from a string.
+
+**Kind**: static method of [StatusList2021](#StatusList2021)
+
+| Param | Type |
+| --- | --- |
+| s | string |
+
+
+
+## StatusList2021Credential
+A parsed [StatusList2021Credential](https://www.w3.org/TR/2023/WD-vc-status-list-20230427/#statuslist2021credential).
+
+**Kind**: global class
+
+* [StatusList2021Credential](#StatusList2021Credential)
+ * [new StatusList2021Credential(credential)](#new_StatusList2021Credential_new)
+ * _instance_
+ * [.id()](#StatusList2021Credential+id) ⇒ string
+ * [.setCredentialStatus(credential, index, value)](#StatusList2021Credential+setCredentialStatus) ⇒ [StatusList2021Entry](#StatusList2021Entry)
+ * [.purpose()](#StatusList2021Credential+purpose) ⇒ [StatusPurpose](#StatusPurpose)
+ * [.entry(index)](#StatusList2021Credential+entry) ⇒ [CredentialStatus](#CredentialStatus)
+ * [.clone()](#StatusList2021Credential+clone) ⇒ [StatusList2021Credential](#StatusList2021Credential)
+ * [.toJSON()](#StatusList2021Credential+toJSON) ⇒ any
+ * _static_
+ * [.fromJSON(json)](#StatusList2021Credential.fromJSON) ⇒ [StatusList2021Credential](#StatusList2021Credential)
+
+
+
+### new StatusList2021Credential(credential)
+Creates a new [StatusList2021Credential](#StatusList2021Credential).
+
+
+| Param | Type |
+| --- | --- |
+| credential | [Credential](#Credential) |
+
+
+
+### statusList2021Credential.id() ⇒ string
+**Kind**: instance method of [StatusList2021Credential](#StatusList2021Credential)
+
+
+### statusList2021Credential.setCredentialStatus(credential, index, value) ⇒ [StatusList2021Entry](#StatusList2021Entry)
+Sets the given credential's status using the `index`-th entry of this status list.
+Returns the created `credentialStatus`.
+
+**Kind**: instance method of [StatusList2021Credential](#StatusList2021Credential)
+
+| Param | Type |
+| --- | --- |
+| credential | [Credential](#Credential) |
+| index | number |
+| value | boolean |
+
+
+
+### statusList2021Credential.purpose() ⇒ [StatusPurpose](#StatusPurpose)
+Returns the [StatusPurpose](#StatusPurpose) of this [StatusList2021Credential](#StatusList2021Credential).
+
+**Kind**: instance method of [StatusList2021Credential](#StatusList2021Credential)
+
+
+### statusList2021Credential.entry(index) ⇒ [CredentialStatus](#CredentialStatus)
+Returns the state of the `index`-th entry, if any.
+
+**Kind**: instance method of [StatusList2021Credential](#StatusList2021Credential)
+
+| Param | Type |
+| --- | --- |
+| index | number |
+
+
+
+### statusList2021Credential.clone() ⇒ [StatusList2021Credential](#StatusList2021Credential)
+**Kind**: instance method of [StatusList2021Credential](#StatusList2021Credential)
+
+
+### statusList2021Credential.toJSON() ⇒ any
+**Kind**: instance method of [StatusList2021Credential](#StatusList2021Credential)
+
+
+### StatusList2021Credential.fromJSON(json) ⇒ [StatusList2021Credential](#StatusList2021Credential)
+**Kind**: static method of [StatusList2021Credential](#StatusList2021Credential)
+
+| Param | Type |
+| --- | --- |
+| json | any |
+
+
+
+## StatusList2021CredentialBuilder
+Builder type to construct valid [StatusList2021Credential](#StatusList2021Credential) istances.
+
+**Kind**: global class
+
+* [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder)
+ * [new StatusList2021CredentialBuilder([status_list])](#new_StatusList2021CredentialBuilder_new)
+ * [.purpose(purpose)](#StatusList2021CredentialBuilder+purpose) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder)
+ * [.subjectId(id)](#StatusList2021CredentialBuilder+subjectId) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder)
+ * [.expirationDate(time)](#StatusList2021CredentialBuilder+expirationDate) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder)
+ * [.issuer(issuer)](#StatusList2021CredentialBuilder+issuer) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder)
+ * [.context(context)](#StatusList2021CredentialBuilder+context) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder)
+ * [.type(t)](#StatusList2021CredentialBuilder+type) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder)
+ * [.proof(proof)](#StatusList2021CredentialBuilder+proof) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder)
+ * [.build()](#StatusList2021CredentialBuilder+build) ⇒ [StatusList2021Credential](#StatusList2021Credential)
+
+
+
+### new StatusList2021CredentialBuilder([status_list])
+Creates a new [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder).
+
+
+| Param | Type |
+| --- | --- |
+| [status_list] | [StatusList2021](#StatusList2021) \| undefined |
+
+
+
+### statusList2021CredentialBuilder.purpose(purpose) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder)
+Sets the purpose of the [StatusList2021Credential](#StatusList2021Credential) that is being created.
+
+**Kind**: instance method of [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder)
+
+| Param | Type |
+| --- | --- |
+| purpose | [StatusPurpose](#StatusPurpose) |
+
+
+
+### statusList2021CredentialBuilder.subjectId(id) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder)
+Sets `credentialSubject.id`.
+
+**Kind**: instance method of [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder)
+
+| Param | Type |
+| --- | --- |
+| id | string |
+
+
+
+### statusList2021CredentialBuilder.expirationDate(time) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder)
+Sets the expiration date of the credential.
+
+**Kind**: instance method of [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder)
+
+| Param | Type |
+| --- | --- |
+| time | [Timestamp](#Timestamp) |
+
+
+
+### statusList2021CredentialBuilder.issuer(issuer) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder)
+Sets the issuer of the credential.
+
+**Kind**: instance method of [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder)
+
+| Param | Type |
+| --- | --- |
+| issuer | string |
+
+
+
+### statusList2021CredentialBuilder.context(context) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder)
+Sets the context of the credential.
+
+**Kind**: instance method of [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder)
+
+| Param | Type |
+| --- | --- |
+| context | string |
+
+
+
+### statusList2021CredentialBuilder.type(t) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder)
+Adds a credential type.
+
+**Kind**: instance method of [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder)
+
+| Param | Type |
+| --- | --- |
+| t | string |
+
+
+
+### statusList2021CredentialBuilder.proof(proof) ⇒ [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder)
+Adds a credential's proof.
+
+**Kind**: instance method of [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder)
+
+| Param | Type |
+| --- | --- |
+| proof | [Proof](#Proof) |
+
+
+
+### statusList2021CredentialBuilder.build() ⇒ [StatusList2021Credential](#StatusList2021Credential)
+Attempts to build a valid [StatusList2021Credential](#StatusList2021Credential) with the previously provided data.
+
+**Kind**: instance method of [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder)
+
+
+## StatusList2021Entry
+[StatusList2021Entry](https://www.w3.org/TR/2023/WD-vc-status-list-20230427/#statuslist2021entry) implementation.
+
+**Kind**: global class
+
+* [StatusList2021Entry](#StatusList2021Entry)
+ * [new StatusList2021Entry(status_list, purpose, index, [id])](#new_StatusList2021Entry_new)
+ * _instance_
+ * [.id()](#StatusList2021Entry+id) ⇒ string
+ * [.purpose()](#StatusList2021Entry+purpose) ⇒ [StatusPurpose](#StatusPurpose)
+ * [.index()](#StatusList2021Entry+index) ⇒ number
+ * [.status_list_credential()](#StatusList2021Entry+status_list_credential) ⇒ string
+ * [.toStatus()](#StatusList2021Entry+toStatus) ⇒ Status
+ * [.clone()](#StatusList2021Entry+clone) ⇒ [StatusList2021Entry](#StatusList2021Entry)
+ * [.toJSON()](#StatusList2021Entry+toJSON) ⇒ any
+ * _static_
+ * [.fromJSON(json)](#StatusList2021Entry.fromJSON) ⇒ [StatusList2021Entry](#StatusList2021Entry)
+
+
+
+### new StatusList2021Entry(status_list, purpose, index, [id])
+Creates a new [StatusList2021Entry](#StatusList2021Entry).
+
+
+| Param | Type |
+| --- | --- |
+| status_list | string |
+| purpose | [StatusPurpose](#StatusPurpose) |
+| index | number |
+| [id] | string \| undefined |
+
+
+
+### statusList2021Entry.id() ⇒ string
+Returns this `credentialStatus`'s `id`.
+
+**Kind**: instance method of [StatusList2021Entry](#StatusList2021Entry)
+
+
+### statusList2021Entry.purpose() ⇒ [StatusPurpose](#StatusPurpose)
+Returns the purpose of this entry.
+
+**Kind**: instance method of [StatusList2021Entry](#StatusList2021Entry)
+
+
+### statusList2021Entry.index() ⇒ number
+Returns the index of this entry.
+
+**Kind**: instance method of [StatusList2021Entry](#StatusList2021Entry)
+
+
+### statusList2021Entry.status\_list\_credential() ⇒ string
+Returns the referenced [StatusList2021Credential](#StatusList2021Credential)'s url.
+
+**Kind**: instance method of [StatusList2021Entry](#StatusList2021Entry)
+
+
+### statusList2021Entry.toStatus() ⇒ Status
+Downcasts [this](this) to [Status](Status)
+
+**Kind**: instance method of [StatusList2021Entry](#StatusList2021Entry)
+
+
+### statusList2021Entry.clone() ⇒ [StatusList2021Entry](#StatusList2021Entry)
+Deep clones the object.
+
+**Kind**: instance method of [StatusList2021Entry](#StatusList2021Entry)
+
+
+### statusList2021Entry.toJSON() ⇒ any
+Serializes this to a JSON object.
+
+**Kind**: instance method of [StatusList2021Entry](#StatusList2021Entry)
+
+
+### StatusList2021Entry.fromJSON(json) ⇒ [StatusList2021Entry](#StatusList2021Entry)
+Deserializes an instance from a JSON object.
+
+**Kind**: static method of [StatusList2021Entry](#StatusList2021Entry)
+
+| Param | Type |
+| --- | --- |
+| json | any |
+
## Storage
@@ -5585,7 +5975,7 @@ A DID Document Verification Method.
* [.toJSON()](#VerificationMethod+toJSON) ⇒ any
* [.clone()](#VerificationMethod+clone) ⇒ [VerificationMethod](#VerificationMethod)
* _static_
- * [.newFromJwk(did, key, fragment)](#VerificationMethod.newFromJwk) ⇒ [VerificationMethod](#VerificationMethod)
+ * [.newFromJwk(did, key, [fragment])](#VerificationMethod.newFromJwk) ⇒ [VerificationMethod](#VerificationMethod)
* [.fromJSON(json)](#VerificationMethod.fromJSON) ⇒ [VerificationMethod](#VerificationMethod)
@@ -5693,7 +6083,7 @@ Deep clones the object.
**Kind**: instance method of [VerificationMethod](#VerificationMethod)
-### VerificationMethod.newFromJwk(did, key, fragment) ⇒ [VerificationMethod](#VerificationMethod)
+### VerificationMethod.newFromJwk(did, key, [fragment]) ⇒ [VerificationMethod](#VerificationMethod)
Creates a new [VerificationMethod](#VerificationMethod) from the given `did` and [Jwk](#Jwk). If `fragment` is not given
the `kid` value of the given `key` will be used, if present, otherwise an error is returned.
@@ -5710,7 +6100,7 @@ done automatically if `None` is passed in as the fragment.
| --- | --- |
| did | [CoreDID](#CoreDID) \| IToCoreDID |
| key | [Jwk](#Jwk) |
-| fragment | string \| undefined |
+| [fragment] | string \| undefined |
@@ -5723,35 +6113,14 @@ Deserializes an instance from a JSON object.
| --- | --- |
| json | any |
-
-
-## StatusCheck
-Controls validation behaviour when checking whether or not a credential has been revoked by its
-[`credentialStatus`](https://www.w3.org/TR/vc-data-model/#status).
-
-**Kind**: global variable
-
-
-## Strict
-Validate the status if supported, reject any unsupported
-[`credentialStatus`](https://www.w3.org/TR/vc-data-model/#status) types.
-
-Only `RevocationBitmap2022` is currently supported.
-
-This is the default.
-
-**Kind**: global variable
-
-
-## SkipUnsupported
-Validate the status if supported, skip any unsupported
-[`credentialStatus`](https://www.w3.org/TR/vc-data-model/#status) types.
+
+## StateMetadataEncoding
**Kind**: global variable
-
+
-## SkipAll
-Skip all status checks.
+## StatusPurpose
+Purpose of a [StatusList2021](#StatusList2021).
**Kind**: global variable
@@ -5799,9 +6168,40 @@ Return all errors that occur during validation.
Return after the first error occurs.
**Kind**: global variable
-
+
+
+## StatusCheck
+Controls validation behaviour when checking whether or not a credential has been revoked by its
+[`credentialStatus`](https://www.w3.org/TR/vc-data-model/#status).
-## StateMetadataEncoding
+**Kind**: global variable
+
+
+## Strict
+Validate the status if supported, reject any unsupported
+[`credentialStatus`](https://www.w3.org/TR/vc-data-model/#status) types.
+
+Only `RevocationBitmap2022` is currently supported.
+
+This is the default.
+
+**Kind**: global variable
+
+
+## SkipUnsupported
+Validate the status if supported, skip any unsupported
+[`credentialStatus`](https://www.w3.org/TR/vc-data-model/#status) types.
+
+**Kind**: global variable
+
+
+## SkipAll
+Skip all status checks.
+
+**Kind**: global variable
+
+
+## CredentialStatus
**Kind**: global variable
@@ -5829,12 +6229,6 @@ prior to calling the function.
| decodedSignature | Uint8Array |
| publicKey | [Jwk](#Jwk) |
-
-
-## start()
-Initializes the console error panic hook for better error messages
-
-**Kind**: global function
## encodeB64(data) ⇒ string
@@ -5857,3 +6251,9 @@ Decode the given url-safe base64-encoded slice into its raw bytes.
| --- | --- |
| data | Uint8Array |
+
+
+## start()
+Initializes the console error panic hook for better error messages
+
+**Kind**: global function
diff --git a/bindings/wasm/examples/README.md b/bindings/wasm/examples/README.md
index 98cec6b1f7..74914481b9 100644
--- a/bindings/wasm/examples/README.md
+++ b/bindings/wasm/examples/README.md
@@ -60,6 +60,7 @@ The following advanced examples are available:
| [4_custom_resolution](src/1_advanced/4_custom_resolution.ts) | Demonstrates how to set up a resolver using custom handlers. |
| [5_domain_linkage](src/1_advanced/5_domain_linkage.ts) | Demonstrates how to link a domain and a DID and verify the linkage. |
| [6_sd_jwt](src/1_advanced/6_sd_jwt.ts) | Demonstrates how to create a selective disclosure verifiable credential |
+| [7_domain_linkage](src/1_advanced/7_status_list_2021.ts) | Demonstrates how to revoke a credential using `StatusList2021`. |
## Browser
diff --git a/bindings/wasm/examples/src/1_advanced/7_status_list_2021.ts b/bindings/wasm/examples/src/1_advanced/7_status_list_2021.ts
new file mode 100644
index 0000000000..4e70d8fa19
--- /dev/null
+++ b/bindings/wasm/examples/src/1_advanced/7_status_list_2021.ts
@@ -0,0 +1,169 @@
+// Copyright 2020-2023 IOTA Stiftung
+// SPDX-License-Identifier: Apache-2.0
+
+import {
+ Credential,
+ EdDSAJwsVerifier,
+ FailFast,
+ JwkMemStore,
+ JwsSignatureOptions,
+ JwtCredentialValidationOptions,
+ JwtCredentialValidator,
+ KeyIdMemStore,
+ StatusCheck,
+ StatusList2021,
+ StatusList2021Credential,
+ StatusList2021CredentialBuilder,
+ StatusList2021Entry,
+ StatusPurpose,
+ Storage,
+} from "@iota/identity-wasm/node";
+import { Client, MnemonicSecretManager, Utils } from "@iota/sdk-wasm/node";
+import { API_ENDPOINT, createDid } from "../util";
+
+export async function statusList2021() {
+ // ===========================================================================
+ // Create a Verifiable Credential.
+ // ===========================================================================
+
+ const client = new Client({
+ primaryNode: API_ENDPOINT,
+ localPow: true,
+ });
+
+ // Generate a random mnemonic for the issuer.
+ const issuerSecretManager: MnemonicSecretManager = {
+ mnemonic: Utils.generateMnemonic(),
+ };
+
+ // Create an identity for the issuer with one verification method `key-1`.
+ const issuerStorage: Storage = new Storage(
+ new JwkMemStore(),
+ new KeyIdMemStore(),
+ );
+ let { document: issuerDocument, fragment: issuerFragment } = await createDid(
+ client,
+ issuerSecretManager,
+ issuerStorage,
+ );
+
+ // Generate a random mnemonic for Alice.
+ const aliceSecretManager: MnemonicSecretManager = {
+ mnemonic: Utils.generateMnemonic(),
+ };
+
+ // Create an identity for the holder, in this case also the subject.
+ const aliceStorage: Storage = new Storage(
+ new JwkMemStore(),
+ new KeyIdMemStore(),
+ );
+ let { document: aliceDocument } = await createDid(
+ client,
+ aliceSecretManager,
+ aliceStorage,
+ );
+
+ // Create a new empty status list. No credentials have been revoked yet.
+ const statusList = new StatusList2021();
+
+ // Create a status list credential so that the status list can be stored anywhere.
+ // The issuer makes this credential available on `http://example.com/credential/status`.
+ // For the purposes of this example, the credential will be used directly without fetching.
+ const statusListCredential = new StatusList2021CredentialBuilder(statusList)
+ .purpose(StatusPurpose.Revocation)
+ .subjectId("http://example.com/credential/status")
+ .issuer(issuerDocument.id().toString())
+ .build();
+ const statusListCredentialJSON = statusListCredential.toJSON();
+ console.log("Status list credential > " + statusListCredential);
+
+ // Create a credential subject indicating the degree earned by Alice, linked to their DID.
+ const subject = {
+ id: aliceDocument.id(),
+ name: "Alice",
+ degreeName: "Bachelor of Science and Arts",
+ degreeType: "BachelorDegree",
+ GPA: "4.0",
+ };
+
+ // Create an unsigned `UniversityDegree` credential for Alice.
+ // The issuer also chooses a unique `StatusList2021` index to be able to revoke it later.
+ const CREDENTIAL_INDEX = 5;
+ const status = new StatusList2021Entry(statusListCredential.id(), statusListCredential.purpose(), CREDENTIAL_INDEX)
+ .toStatus();
+ const credential = new Credential({
+ id: "https://example.edu/credentials/3732",
+ type: "UniversityDegreeCredential",
+ credentialStatus: status,
+ issuer: issuerDocument.id(),
+ credentialSubject: subject,
+ });
+
+ // Create signed JWT credential.
+ const credentialJwt = await issuerDocument.createCredentialJwt(
+ issuerStorage,
+ issuerFragment,
+ credential,
+ new JwsSignatureOptions(),
+ );
+ console.log(`Credential JWT > ${credentialJwt.toString()}`);
+
+ // Validate the credential using the issuer's DID Document.
+ const validationOptions = new JwtCredentialValidationOptions({ status: StatusCheck.SkipUnsupported });
+ // The validator has no way of retrieving the status list to check for the
+ // revocation of the credential. Let's skip that pass and perform the operation manually.
+ let jwtCredentialValidator = new JwtCredentialValidator(new EdDSAJwsVerifier());
+
+ try {
+ jwtCredentialValidator.validate(
+ credentialJwt,
+ issuerDocument,
+ validationOptions,
+ FailFast.FirstError,
+ );
+ // Check manually for revocation
+ JwtCredentialValidator.checkStatusWithStatusList2021(
+ credential,
+ statusListCredential,
+ StatusCheck.Strict,
+ );
+ } catch (e) {
+ // This line shouldn't be called as the credential is valid and unrevoked
+ console.log("Something went wrong: " + e);
+ }
+
+ // ===========================================================================
+ // Revocation of the Verifiable Credential.
+ // ===========================================================================
+
+ // At a later time, the issuer university found out that Alice cheated in her final exam.
+ // The issuer will revoke Alice's credential.
+
+ // The issuer retrieves the status list credential.
+ const refetchedStatusListCredential = new StatusList2021Credential(new Credential(statusListCredentialJSON as any));
+
+ // Update the status list credential.
+ // This revokes the credential's unique index.
+ refetchedStatusListCredential.setCredentialStatus(credential, CREDENTIAL_INDEX, true);
+
+ // Credential verification now fails.
+ try {
+ jwtCredentialValidator.validate(
+ credentialJwt,
+ issuerDocument,
+ validationOptions,
+ FailFast.FirstError,
+ );
+ /// Since the credential has been revoked, this validation step will throw an error.
+ JwtCredentialValidator.checkStatusWithStatusList2021(
+ credential,
+ refetchedStatusListCredential,
+ StatusCheck.Strict,
+ );
+ // In case the revocation failed for some reason we will hit this point
+ console.log("Revocation Failed!");
+ } catch (e) {
+ /// The credential has been revoked.
+ console.log("The credential has been successfully revoked.");
+ }
+}
diff --git a/bindings/wasm/examples/src/main.ts b/bindings/wasm/examples/src/main.ts
index bf71211e3e..145980e649 100644
--- a/bindings/wasm/examples/src/main.ts
+++ b/bindings/wasm/examples/src/main.ts
@@ -16,6 +16,7 @@ import { didIssuesTokens } from "./1_advanced/3_did_issues_tokens";
import { customResolution } from "./1_advanced/4_custom_resolution";
import { domainLinkage } from "./1_advanced/5_domain_linkage";
import { sdJwt } from "./1_advanced/6_sd_jwt";
+import { statusList2021 } from "./1_advanced/7_status_list_2021";
async function main() {
// Extract example name.
@@ -55,6 +56,8 @@ async function main() {
return await domainLinkage();
case "6_sd_jwt":
return await sdJwt();
+ case "7_status_list_2021":
+ return await statusList2021();
default:
throw "Unknown example name: '" + argument + "'";
}
diff --git a/bindings/wasm/examples/src/tests/7_status_list_2021.ts b/bindings/wasm/examples/src/tests/7_status_list_2021.ts
new file mode 100644
index 0000000000..2698e210c4
--- /dev/null
+++ b/bindings/wasm/examples/src/tests/7_status_list_2021.ts
@@ -0,0 +1,8 @@
+import { statusList2021 } from "../1_advanced/7_status_list_2021";
+
+// Only verifies that no uncaught exceptions are thrown, including syntax errors etc.
+describe("Test node examples", function() {
+ it("StatusList2021", async () => {
+ await statusList2021();
+ });
+});
diff --git a/bindings/wasm/src/credential/credential.rs b/bindings/wasm/src/credential/credential.rs
index 98158bd97e..69ef827834 100644
--- a/bindings/wasm/src/credential/credential.rs
+++ b/bindings/wasm/src/credential/credential.rs
@@ -30,6 +30,7 @@ use crate::error::Result;
use crate::error::WasmResult;
#[wasm_bindgen(js_name = Credential, inspectable)]
+#[derive(Clone, Debug, Eq, PartialEq)]
pub struct WasmCredential(pub(crate) Credential);
#[wasm_bindgen(js_class = Credential)]
diff --git a/bindings/wasm/src/credential/jwt_credential_validation/jwt_credential_validator.rs b/bindings/wasm/src/credential/jwt_credential_validation/jwt_credential_validator.rs
index 74682d3e0d..9434a6d521 100644
--- a/bindings/wasm/src/credential/jwt_credential_validation/jwt_credential_validator.rs
+++ b/bindings/wasm/src/credential/jwt_credential_validation/jwt_credential_validator.rs
@@ -1,4 +1,4 @@
-// Copyright 2020-2023 IOTA Stiftung
+// Copyright 2020-2024 IOTA Stiftung
// SPDX-License-Identifier: Apache-2.0
use identity_iota::core::Object;
@@ -13,6 +13,7 @@ use crate::common::ImportedDocumentLock;
use crate::common::ImportedDocumentReadGuard;
use crate::common::WasmTimestamp;
use crate::credential::options::WasmStatusCheck;
+use crate::credential::revocation::status_list_2021::WasmStatusList2021Credential;
use crate::credential::WasmCredential;
use crate::credential::WasmDecodedJwtCredential;
use crate::credential::WasmFailFast;
@@ -170,6 +171,21 @@ impl WasmJwtCredentialValidator {
JwtCredentialValidatorUtils::check_status(&credential.0, &trusted_issuers, status_check).wasm_result()
}
+ /// Checks wheter the credential status has been revoked using `StatusList2021`.
+ #[wasm_bindgen(js_name = checkStatusWithStatusList2021)]
+ pub fn check_status_with_status_list_2021(
+ credential: &WasmCredential,
+ status_list: &WasmStatusList2021Credential,
+ status_check: WasmStatusCheck,
+ ) -> Result<()> {
+ JwtCredentialValidatorUtils::check_status_with_status_list_2021(
+ &credential.0,
+ &status_list.inner,
+ status_check.into(),
+ )
+ .wasm_result()
+ }
+
/// Utility for extracting the issuer field of a {@link Credential} as a DID.
///
/// ### Errors
diff --git a/bindings/wasm/src/credential/mod.rs b/bindings/wasm/src/credential/mod.rs
index 755ce11afe..832eac1cd4 100644
--- a/bindings/wasm/src/credential/mod.rs
+++ b/bindings/wasm/src/credential/mod.rs
@@ -14,6 +14,7 @@ pub use self::options::WasmFailFast;
pub use self::options::WasmSubjectHolderRelationship;
pub use self::presentation::*;
pub use self::proof::WasmProof;
+pub use self::revocation::*;
pub use self::types::*;
mod credential;
@@ -29,4 +30,5 @@ mod linked_domain_service;
mod options;
mod presentation;
mod proof;
+mod revocation;
mod types;
diff --git a/bindings/wasm/src/credential/revocation/mod.rs b/bindings/wasm/src/credential/revocation/mod.rs
new file mode 100644
index 0000000000..7ad04980b4
--- /dev/null
+++ b/bindings/wasm/src/credential/revocation/mod.rs
@@ -0,0 +1,4 @@
+// Copyright 2020-2024 IOTA Stiftung
+// SPDX-License-Identifier: Apache-2.0
+
+pub mod status_list_2021;
diff --git a/bindings/wasm/src/credential/revocation/status_list_2021/credential.rs b/bindings/wasm/src/credential/revocation/status_list_2021/credential.rs
new file mode 100644
index 0000000000..d440dc8814
--- /dev/null
+++ b/bindings/wasm/src/credential/revocation/status_list_2021/credential.rs
@@ -0,0 +1,244 @@
+// Copyright 2020-2024 IOTA Stiftung
+// SPDX-License-Identifier: Apache-2.0
+
+use std::ops::Deref;
+
+use identity_iota::core::Context;
+use identity_iota::core::Url;
+use identity_iota::credential::status_list_2021::CredentialStatus;
+use identity_iota::credential::status_list_2021::StatusList2021Credential;
+use identity_iota::credential::status_list_2021::StatusList2021CredentialBuilder;
+use identity_iota::credential::status_list_2021::StatusPurpose;
+use identity_iota::credential::Issuer;
+use wasm_bindgen::prelude::*;
+
+use crate::common::WasmTimestamp;
+use crate::credential::WasmCredential;
+use crate::credential::WasmProof;
+use crate::error::Result;
+use crate::error::WasmResult;
+
+use super::WasmStatusList2021;
+use super::WasmStatusList2021Entry;
+
+#[wasm_bindgen(js_name = CredentialStatus)]
+#[derive(Clone, Copy, Debug, Eq, PartialEq, Hash)]
+pub enum WasmCredentialStatus {
+ Revoked = 0,
+ Suspended = 1,
+ Valid = 2,
+}
+
+impl From