Wasm Api Reference

Classes

CoreDID

A method-agnostic Decentralized Identifier (DID).

CoreDocument

A method-agnostic DID Document.

Note: All methods that involve reading from this class may potentially raise an error if the object is being concurrently modified.

Credential

CustomMethodData

A custom verification method data format.

DIDUrl

A method agnostic DID Url.

DecodedJws

A cryptographically verified decoded token from a JWS.

Contains the decoded headers and the raw claims.

DecodedJwtCredential

A cryptographically verified and decoded Credential.

Note that having an instance of this type only means the JWS it was constructed from was verified. It does not imply anything about a potentially present proof property on the credential itself.

DecodedJwtPresentation

A cryptographically verified and decoded presentation.

Note that having an instance of this type only means the JWS it was constructed from was verified. It does not imply anything about a potentially present proof property on the presentation itself.

Disclosure

Represents an elements constructing a disclosure. Object properties and array elements disclosures are supported.

See: https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-07.html#name-disclosures

DomainLinkageConfiguration

DID Configuration Resource which contains Domain Linkage Credentials. It can be placed in an origin's .well-known directory to prove linkage between the origin and a DID. See: https://identity.foundation/.well-known/resources/did-configuration/#did-configuration-resource

Note:

• Only the JSON Web Token Proof Format

Duration

A span of time.

EdDSAJwsVerifier

An implementor of IJwsVerifier that can handle theEdDSA algorithm.

IotaDID

A DID conforming to the IOTA DID method specification.

IotaDocument

A DID Document adhering to the IOTA DID method specification.

Note: All methods that involve reading from this class may potentially raise an error if the object is being concurrently modified.

IotaDocumentMetadata

Additional attributes related to an IOTA DID Document.

IotaIdentityClientExt

An extension interface that provides helper functions for publication and resolution of DID documents in Alias Outputs.

Jwk

JwkGenOutput

The result of a key generation in JwkStorage.

Jws

A wrapper around a JSON Web Signature (JWS).

JwsHeader

JwsSignatureOptions

JwsVerificationOptions

Jwt

A wrapper around a JSON Web Token (JWK).

JwtCredentialValidationOptions

Options to declare validation criteria when validating credentials.

JwtCredentialValidator

A type for decoding and validating Credential.

JwtDomainLinkageValidator

A validator for a Domain Linkage Configuration and Credentials.

JwtPresentationOptions

JwtPresentationValidationOptions

Options to declare validation criteria when validating presentation.

JwtPresentationValidator

KeyBindingJWTValidationOptions

Options to declare validation criteria when validating credentials.

KeyBindingJwtClaims

Claims set for key binding JWT.

LinkedDomainService

MethodData

Supported verification method data formats.

MethodDigest

Unique identifier of a VerificationMethod.

NOTE: This class does not have a JSON representation, use the methods pack and unpack instead.

MethodScope

Supported verification method types.

MethodType

Supported verification method types.

Presentation

Proof

Represents a cryptographic proof that can be used to validate verifiable credentials and presentations.

This representation does not inherently implement any standard; instead, it can be utilized to implement standards or user-defined proofs. The presence of thetype field is necessary to accommodate different types of cryptographic proofs.

Note that this proof is not related to JWT and can be used in combination or as an alternative to it.

Resolver

Convenience type for resolving DID documents from different DID methods.

Also provides methods for resolving DID Documents associated with verifiable Credentials and Presentations.

Configuration

The resolver will only be able to resolve DID documents for methods it has been configured for in the constructor.

RevocationBitmap

A compressed bitmap for managing credential revocation.

SdJwt

Representation of an SD-JWT of the format<Issuer-signed JWT>~<Disclosure 1>~<Disclosure 2>~...~<Disclosure N>~<optional KB-JWT>.

SdJwtCredentialValidator

A type for decoding and validating Credential.

SdObjectDecoder

Substitutes digests in an SD-JWT object by their corresponding plaintext values provided by disclosures.

SdObjectEncoder

Transforms a JSON object into an SD-JWT object by substituting selected values with their corresponding disclosure digests.

Note: digests are created using the sha-256 algorithm.

Service

A DID Document Service used to enable trusted interactions associated with a DID subject.

StatusList2021

StatusList2021 data structure as described in W3C's VC status list 2021.

StatusList2021Credential

A parsed StatusList2021Credential.

StatusList2021CredentialBuilder

Builder type to construct valid StatusList2021Credential istances.

StatusList2021Entry

StatusList2021Entry implementation.

Storage

A type wrapping a JwkStorage and KeyIdStorage that should always be used together when working with storage backed DID documents.

Timestamp

UnknownCredential

VerificationMethod

A DID Document Verification Method.

Members

StatusCheck

Controls validation behaviour when checking whether or not a credential has been revoked by itscredentialStatus.

Strict

Validate the status if supported, reject any unsupportedcredentialStatus types.

Only RevocationBitmap2022 is currently supported.

This is the default.

SkipUnsupported

Validate the status if supported, skip any unsupportedcredentialStatus types.

SkipAll

Skip all status checks.

SubjectHolderRelationship

Declares how credential subjects must relate to the presentation holder.

See also the Subject-Holder Relationship section of the specification.

AlwaysSubject

The holder must always match the subject on all credentials, regardless of their nonTransferable property. This variant is the default.

SubjectOnNonTransferable

The holder must match the subject only for credentials where the nonTransferable property is true.

Any

The holder is not required to have any kind of relationship to any credential subject.

FailFast

Declares when validation should return if an error occurs.

AllErrors

Return all errors that occur during validation.

FirstError

Return after the first error occurs.

StateMetadataEncoding

MethodRelationship

CredentialStatus

StatusPurpose

Purpose of a StatusList2021.

Functions

start()

Initializes the console error panic hook for better error messages

encodeB64(data) ⇒ string

Encode the given bytes in url-safe base64.

decodeB64(data) ⇒ Uint8Array

Decode the given url-safe base64-encoded slice into its raw bytes.

verifyEd25519(alg, signingInput, decodedSignature, publicKey)

Verify a JWS signature secured with the EdDSA algorithm and curve Ed25519.

This function is useful when one is composing a IJwsVerifier that delegatesEdDSA verification with curve Ed25519 to this function.

Warning

This function does not check whether alg = EdDSA in the protected header. Callers are expected to assert this prior to calling the function.

CoreDID

A method-agnostic Decentralized Identifier (DID).

Kind: global class

• CoreDID
  • instance
    • .setMethodName(value)
    • .setMethodId(value)
    • .scheme() ⇒ string
    • .authority() ⇒ string
    • .method() ⇒ string
    • .methodId() ⇒ string
    • .join(segment) ⇒ DIDUrl
    • .toUrl() ⇒ DIDUrl
    • .intoUrl() ⇒ DIDUrl
    • .toString() ⇒ string
    • .toCoreDid() ⇒ CoreDID
    • .toJSON() ⇒ any
    • .clone() ⇒ CoreDID
  • static
    • .parse(input) ⇒ CoreDID
    • .validMethodName(value) ⇒ boolean
    • .validMethodId(value) ⇒ boolean
    • .fromJSON(json) ⇒ CoreDID

coreDID.setMethodName(value)

Set the method name of the CoreDID.

Kind: instance method of CoreDID

Param	Type
value	string

coreDID.setMethodId(value)

Set the method-specific-id of the DID.

Kind: instance method of CoreDID

Param	Type
value	string

coreDID.scheme() ⇒ string

Returns the CoreDID scheme.

E.g.

• "did:example:12345678" -> "did"
• "did:iota:smr:12345678" -> "did"

Kind: instance method of CoreDID

coreDID.authority() ⇒ string

Returns the CoreDID authority: the method name and method-id.

E.g.

• "did:example:12345678" -> "example:12345678"
• "did:iota:smr:12345678" -> "iota:smr:12345678"

Kind: instance method of CoreDID

coreDID.method() ⇒ string

Returns the CoreDID method name.

E.g.

• "did:example:12345678" -> "example"
• "did:iota:smr:12345678" -> "iota"

Kind: instance method of CoreDID

coreDID.methodId() ⇒ string

Returns the CoreDID method-specific ID.

E.g.

• "did:example:12345678" -> "12345678"
• "did:iota:smr:12345678" -> "smr:12345678"

Kind: instance method of CoreDID

coreDID.join(segment) ⇒ DIDUrl

Construct a new DIDUrl by joining with a relative DID Url string.

Kind: instance method of CoreDID

Param	Type
segment	string

coreDID.toUrl() ⇒ DIDUrl

Clones the CoreDID into a DIDUrl.

Kind: instance method of CoreDID

coreDID.intoUrl() ⇒ DIDUrl

Converts the CoreDID into a DIDUrl, consuming it.

Kind: instance method of CoreDID

coreDID.toString() ⇒ string

Returns the CoreDID as a string.

Kind: instance method of CoreDID

coreDID.toCoreDid() ⇒ CoreDID

Kind: instance method of CoreDID

coreDID.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of CoreDID

coreDID.clone() ⇒ CoreDID

Deep clones the object.

Kind: instance method of CoreDID

CoreDID.parse(input) ⇒ CoreDID

Parses a CoreDID from the given input.

Errors

Throws an error if the input is not a valid CoreDID.

Kind: static method of CoreDID

Param	Type
input	string

CoreDID.validMethodName(value) ⇒ boolean

Validates whether a string is a valid DID method name.

Kind: static method of CoreDID

Param	Type
value	string

CoreDID.validMethodId(value) ⇒ boolean

Validates whether a string is a valid DID method-id.

Kind: static method of CoreDID

Param	Type
value	string

CoreDID.fromJSON(json) ⇒ CoreDID

Deserializes an instance from a JSON object.

Kind: static method of CoreDID

Param	Type
json	any

CoreDocument

A method-agnostic DID Document.

Note: All methods that involve reading from this class may potentially raise an error if the object is being concurrently modified.

Kind: global class

• CoreDocument
  • new CoreDocument(values)
  • instance
    • .id() ⇒ CoreDID
    • .setId(id)
    • .controller() ⇒ Array.<CoreDID>
    • .setController(controllers)
    • .alsoKnownAs() ⇒ Array.<string>
    • .setAlsoKnownAs(urls)
    • .verificationMethod() ⇒ Array.<VerificationMethod>
    • .authentication() ⇒ Array.<(DIDUrl|VerificationMethod)>
    • .assertionMethod() ⇒ Array.<(DIDUrl|VerificationMethod)>
    • .keyAgreement() ⇒ Array.<(DIDUrl|VerificationMethod)>
    • .capabilityDelegation() ⇒ Array.<(DIDUrl|VerificationMethod)>
    • .capabilityInvocation() ⇒ Array.<(DIDUrl|VerificationMethod)>
    • .properties() ⇒ Map.<string, any>
    • .setPropertyUnchecked(key, value)
    • .service() ⇒ Array.<Service>
    • .insertService(service)
    • .removeService(didUrl) ⇒ Service | undefined
    • .resolveService(query) ⇒ Service | undefined
    • .methods(scope) ⇒ Array.<VerificationMethod>
    • .verificationRelationships() ⇒ Array.<(DIDUrl|VerificationMethod)>
    • .insertMethod(method, scope)
    • .removeMethod(did) ⇒ VerificationMethod | undefined
    • .resolveMethod(query, scope) ⇒ VerificationMethod | undefined
    • .attachMethodRelationship(didUrl, relationship) ⇒ boolean
    • .detachMethodRelationship(didUrl, relationship) ⇒ boolean
    • .verifyJws(jws, options, signatureVerifier, detachedPayload) ⇒ DecodedJws
    • .revokeCredentials(serviceQuery, indices)
    • .unrevokeCredentials(serviceQuery, indices)
    • .clone() ⇒ CoreDocument
    • ._shallowCloneInternal() ⇒ CoreDocument
    • ._strongCountInternal() ⇒ number
    • .toJSON() ⇒ any
    • .generateMethod(storage, keyType, alg, fragment, scope) ⇒ Promise.<string>
    • .purgeMethod(storage, id) ⇒ Promise.<void>
    • .createJws(storage, fragment, payload, options) ⇒ Promise.<Jws>
    • .createCredentialJwt(storage, fragment, credential, options, custom_claims) ⇒ Promise.<Jwt>
    • .createPresentationJwt(storage, fragment, presentation, signature_options, presentation_options) ⇒ Promise.<Jwt>
  • static
    • .fromJSON(json) ⇒ CoreDocument

new CoreDocument(values)

Creates a new CoreDocument with the given properties.

Param	Type
values	ICoreDocument

coreDocument.id() ⇒ CoreDID

Returns a copy of the DID Document id.

Kind: instance method of CoreDocument

coreDocument.setId(id)

Sets the DID of the document.

Warning

Changing the identifier can drastically alter the results of resolve_method, resolve_service and the related DID URL dereferencing algorithm.

Kind: instance method of CoreDocument

Param	Type
id	CoreDID

coreDocument.controller() ⇒ Array.<CoreDID>

Returns a copy of the document controllers.

Kind: instance method of CoreDocument

coreDocument.setController(controllers)

Sets the controllers of the DID Document.

Note: Duplicates will be ignored. Use null to remove all controllers.

Kind: instance method of CoreDocument

Param	Type
controllers	CoreDID | Array.<CoreDID> | null

coreDocument.alsoKnownAs() ⇒ Array.<string>

Returns a copy of the document's alsoKnownAs set.

Kind: instance method of CoreDocument

coreDocument.setAlsoKnownAs(urls)

Sets the alsoKnownAs property in the DID document.

Kind: instance method of CoreDocument

Param	Type
urls	string | Array.<string> | null

coreDocument.verificationMethod() ⇒ Array.<VerificationMethod>

Returns a copy of the document's verificationMethod set.

Kind: instance method of CoreDocument

coreDocument.authentication() ⇒ Array.<(DIDUrl|VerificationMethod)>

Returns a copy of the document's authentication set.

Kind: instance method of CoreDocument

coreDocument.assertionMethod() ⇒ Array.<(DIDUrl|VerificationMethod)>

Returns a copy of the document's assertionMethod set.

Kind: instance method of CoreDocument

coreDocument.keyAgreement() ⇒ Array.<(DIDUrl|VerificationMethod)>

Returns a copy of the document's keyAgreement set.

Kind: instance method of CoreDocument

coreDocument.capabilityDelegation() ⇒ Array.<(DIDUrl|VerificationMethod)>

Returns a copy of the document's capabilityDelegation set.

Kind: instance method of CoreDocument

coreDocument.capabilityInvocation() ⇒ Array.<(DIDUrl|VerificationMethod)>

Returns a copy of the document's capabilityInvocation set.

Kind: instance method of CoreDocument

coreDocument.properties() ⇒ Map.<string, any>

Returns a copy of the custom DID Document properties.

Kind: instance method of CoreDocument

coreDocument.setPropertyUnchecked(key, value)

Sets a custom property in the DID Document. If the value is set to null, the custom property will be removed.

WARNING

This method can overwrite existing properties like id and result in an invalid document.

Kind: instance method of CoreDocument

Param	Type
key	string
value	any

coreDocument.service() ⇒ Array.<Service>

Returns a set of all Service in the document.

Kind: instance method of CoreDocument

coreDocument.insertService(service)

Add a new Service to the document.

Errors if there already exists a service or verification method with the same id.

Kind: instance method of CoreDocument

Param	Type
service	Service

coreDocument.removeService(didUrl) ⇒ Service | undefined

Remove a Service identified by the given DIDUrl from the document.

Returns true if the service was removed.

Kind: instance method of CoreDocument

Param	Type
didUrl	DIDUrl

coreDocument.resolveService(query) ⇒ Service | undefined

Returns the first Service with an id property matching the provided query, if present.

Kind: instance method of CoreDocument

Param	Type
query	DIDUrl | string

coreDocument.methods(scope) ⇒ Array.<VerificationMethod>

Returns a list of all VerificationMethod in the DID Document, whose verification relationship matches scope.

If scope is not set, a list over the embedded methods is returned.

Kind: instance method of CoreDocument

Param	Type
scope	MethodScope | undefined

coreDocument.verificationRelationships() ⇒ Array.<(DIDUrl|VerificationMethod)>

Returns an array of all verification relationships.

Kind: instance method of CoreDocument

coreDocument.insertMethod(method, scope)

Adds a new method to the document in the given scope.

Kind: instance method of CoreDocument

Param	Type
method	VerificationMethod
scope	MethodScope

coreDocument.removeMethod(did) ⇒ VerificationMethod | undefined

Removes all references to the specified Verification Method.

Kind: instance method of CoreDocument

Param	Type
did	DIDUrl

coreDocument.resolveMethod(query, scope) ⇒ VerificationMethod | undefined

Returns a copy of the first verification method with an id property matching the provided query and the verification relationship specified by scope, if present.

Kind: instance method of CoreDocument

Param	Type
query	DIDUrl | string
scope	MethodScope | undefined

coreDocument.attachMethodRelationship(didUrl, relationship) ⇒ boolean

Attaches the relationship to the given method, if the method exists.

Note: The method needs to be in the set of verification methods, so it cannot be an embedded one.

Kind: instance method of CoreDocument

Param	Type
didUrl	DIDUrl
relationship	number

coreDocument.detachMethodRelationship(didUrl, relationship) ⇒ boolean

Detaches the given relationship from the given method, if the method exists.

Kind: instance method of CoreDocument

Param	Type
didUrl	DIDUrl
relationship	number

coreDocument.verifyJws(jws, options, signatureVerifier, detachedPayload) ⇒ DecodedJws

Decodes and verifies the provided JWS according to the passed options and signatureVerifier. If no signatureVerifier argument is provided a default verifier will be used that is (only) capable of verifying EdDSA signatures.

Regardless of which options are passed the following conditions must be met in order for a verification attempt to take place.

• The JWS must be encoded according to the JWS compact serialization.
• The kid value in the protected header must be an identifier of a verification method in this DID document, or set explicitly in the options.

Kind: instance method of CoreDocument

Param	Type
jws	Jws
options	JwsVerificationOptions
signatureVerifier	IJwsVerifier
detachedPayload	string | undefined

coreDocument.revokeCredentials(serviceQuery, indices)

If the document has a RevocationBitmap service identified by serviceQuery, revoke all specified indices.

Kind: instance method of CoreDocument

Param	Type
serviceQuery	DIDUrl | string
indices	number | Array.<number>

coreDocument.unrevokeCredentials(serviceQuery, indices)

If the document has a RevocationBitmap service identified by serviceQuery, unrevoke all specified indices.

Kind: instance method of CoreDocument

Param	Type
serviceQuery	DIDUrl | string
indices	number | Array.<number>

coreDocument.clone() ⇒ CoreDocument

Deep clones the CoreDocument.

Kind: instance method of CoreDocument

coreDocument._shallowCloneInternal() ⇒ CoreDocument

Warning

This is for internal use only. Do not rely on or call this method.

Kind: instance method of CoreDocument

coreDocument._strongCountInternal() ⇒ number

Warning

This is for internal use only. Do not rely on or call this method.

Kind: instance method of CoreDocument

coreDocument.toJSON() ⇒ any

Serializes to a plain JS representation.

Kind: instance method of CoreDocument

coreDocument.generateMethod(storage, keyType, alg, fragment, scope) ⇒ Promise.<string>

Generate new key material in the given storage and insert a new verification method with the corresponding public key material into the DID document.

• If no fragment is given the kid of the generated JWK is used, if it is set, otherwise an error is returned.
• The keyType must be compatible with the given storage. Storages are expected to export key type constants for that use case.

The fragment of the generated method is returned.

Kind: instance method of CoreDocument

Param	Type
storage	Storage
keyType	string
alg	JwsAlgorithm
fragment	string | undefined
scope	MethodScope

coreDocument.purgeMethod(storage, id) ⇒ Promise.<void>

Remove the method identified by the fragment from the document and delete the corresponding key material in the storage.

Kind: instance method of CoreDocument

Param	Type
storage	Storage
id	DIDUrl

coreDocument.createJws(storage, fragment, payload, options) ⇒ Promise.<Jws>

Sign the payload according to options with the storage backed private key corresponding to the public key material in the verification method identified by the given `fragment.

Upon success a string representing a JWS encoded according to the Compact JWS Serialization format is returned. See RFC7515 section 3.1.

Kind: instance method of CoreDocument

Param	Type
storage	Storage
fragment	string
payload	string
options	JwsSignatureOptions

coreDocument.createCredentialJwt(storage, fragment, credential, options, custom_claims) ⇒ Promise.<Jwt>

Produces a JWT where the payload is produced from the given credential in accordance with VC Data Model v1.1.

Unless the kid is explicitly set in the options, the kid in the protected header is the id of the method identified by fragment and the JWS signature will be produced by the corresponding private key backed by the storage in accordance with the passed options.

The custom_claims can be used to set additional claims on the resulting JWT.

Kind: instance method of CoreDocument

Param	Type
storage	Storage
fragment	string
credential	Credential
options	JwsSignatureOptions
custom_claims	Record.<string, any> | undefined

coreDocument.createPresentationJwt(storage, fragment, presentation, signature_options, presentation_options) ⇒ Promise.<Jwt>

Produces a JWT where the payload is produced from the given presentation. in accordance with VC Data Model v1.1.

Unless the kid is explicitly set in the options, the kid in the protected header is the id of the method identified by fragment and the JWS signature will be produced by the corresponding private key backed by the storage in accordance with the passed options.

Kind: instance method of CoreDocument

Param	Type
storage	Storage
fragment	string
presentation	Presentation
signature_options	JwsSignatureOptions
presentation_options	JwtPresentationOptions

CoreDocument.fromJSON(json) ⇒ CoreDocument

Deserializes an instance from a plain JS representation.

Kind: static method of CoreDocument

Param	Type
json	any

Credential

Kind: global class

• Credential
  • new Credential(values)
  • instance
    • .context() ⇒ Array.<(string|Record.<string, any>)>
    • .id() ⇒ string | undefined
    • .type() ⇒ Array.<string>
    • .credentialSubject() ⇒ Array.<Subject>
    • .issuer() ⇒ string | Issuer
    • .issuanceDate() ⇒ Timestamp
    • .expirationDate() ⇒ Timestamp | undefined
    • .credentialStatus() ⇒ Array.<Status>
    • .credentialSchema() ⇒ Array.<Schema>
    • .refreshService() ⇒ Array.<RefreshService>
    • .termsOfUse() ⇒ Array.<Policy>
    • .evidence() ⇒ Array.<Evidence>
    • .nonTransferable() ⇒ boolean | undefined
    • .proof() ⇒ Proof | undefined
    • .properties() ⇒ Map.<string, any>
    • .setProof(proof)
    • .toJwtClaims(custom_claims) ⇒ Record.<string, any>
    • .toJSON() ⇒ any
    • .clone() ⇒ Credential
  • static
    • .BaseContext() ⇒ string
    • .BaseType() ⇒ string
    • .createDomainLinkageCredential(values) ⇒ Credential
    • .fromJSON(json) ⇒ Credential

new Credential(values)

Constructs a new Credential.

Param	Type
values	ICredential

credential.context() ⇒ Array.<(string|Record.<string, any>)>

Returns a copy of the JSON-LD context(s) applicable to the Credential.

Kind: instance method of Credential

credential.id() ⇒ string | undefined

Returns a copy of the unique URI identifying the Credential .

Kind: instance method of Credential

credential.type() ⇒ Array.<string>

Returns a copy of the URIs defining the type of the Credential.

Kind: instance method of Credential

credential.credentialSubject() ⇒ Array.<Subject>

Returns a copy of the Credential subject(s).

Kind: instance method of Credential

credential.issuer() ⇒ string | Issuer

Returns a copy of the issuer of the Credential.

Kind: instance method of Credential

credential.issuanceDate() ⇒ Timestamp

Returns a copy of the timestamp of when the Credential becomes valid.

Kind: instance method of Credential

credential.expirationDate() ⇒ Timestamp | undefined

Returns a copy of the timestamp of when the Credential should no longer be considered valid.

Kind: instance method of Credential

credential.credentialStatus() ⇒ Array.<Status>

Returns a copy of the information used to determine the current status of the Credential.

Kind: instance method of Credential

credential.credentialSchema() ⇒ Array.<Schema>

Returns a copy of the information used to assist in the enforcement of a specific Credential structure.

Kind: instance method of Credential

credential.refreshService() ⇒ Array.<RefreshService>

Returns a copy of the service(s) used to refresh an expired Credential.

Kind: instance method of Credential

credential.termsOfUse() ⇒ Array.<Policy>

Returns a copy of the terms-of-use specified by the Credential issuer.

Kind: instance method of Credential

credential.evidence() ⇒ Array.<Evidence>

Returns a copy of the human-readable evidence used to support the claims within the Credential.

Kind: instance method of Credential

credential.nonTransferable() ⇒ boolean | undefined

Returns whether or not the Credential must only be contained within a Presentation with a proof issued from the Credential subject.

Kind: instance method of Credential

credential.proof() ⇒ Proof | undefined

Optional cryptographic proof, unrelated to JWT.

Kind: instance method of Credential

credential.properties() ⇒ Map.<string, any>

Returns a copy of the miscellaneous properties on the Credential.

Kind: instance method of Credential

credential.setProof(proof)

Sets the proof property of the Credential.

Note that this proof is not related to JWT.

Kind: instance method of Credential

Param	Type
proof	Proof | undefined

credential.toJwtClaims(custom_claims) ⇒ Record.<string, any>

Serializes the Credential as a JWT claims set in accordance with VC Data Model v1.1.

The resulting object can be used as the payload of a JWS when issuing the credential.

Kind: instance method of Credential

Param	Type
custom_claims	Record.<string, any> | undefined

credential.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of Credential

credential.clone() ⇒ Credential

Deep clones the object.

Kind: instance method of Credential

Credential.BaseContext() ⇒ string

Returns the base JSON-LD context.

Kind: static method of Credential

Credential.BaseType() ⇒ string

Returns the base type.

Kind: static method of Credential

Credential.createDomainLinkageCredential(values) ⇒ Credential

Kind: static method of Credential

Param	Type
values	IDomainLinkageCredential

Credential.fromJSON(json) ⇒ Credential

Deserializes an instance from a JSON object.

Kind: static method of Credential

Param	Type
json	any

CustomMethodData

A custom verification method data format.

Kind: global class

• CustomMethodData
  • new CustomMethodData(name, data)
  • instance
    • .clone() ⇒ CustomMethodData
    • .toJSON() ⇒ any
  • static
    • .fromJSON(json) ⇒ CustomMethodData

new CustomMethodData(name, data)

Param	Type
name	string
data	any

customMethodData.clone() ⇒ CustomMethodData

Deep clones the object.

Kind: instance method of CustomMethodData

customMethodData.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of CustomMethodData

CustomMethodData.fromJSON(json) ⇒ CustomMethodData

Deserializes an instance from a JSON object.

Kind: static method of CustomMethodData

Param	Type
json	any

DIDUrl

A method agnostic DID Url.

Kind: global class

• DIDUrl
  • instance
    • .did() ⇒ CoreDID
    • .urlStr() ⇒ string
    • .fragment() ⇒ string | undefined
    • .setFragment(value)
    • .path() ⇒ string | undefined
    • .setPath(value)
    • .query() ⇒ string | undefined
    • .setQuery(value)
    • .join(segment) ⇒ DIDUrl
    • .toString() ⇒ string
    • .toJSON() ⇒ any
    • .clone() ⇒ DIDUrl
  • static
    • .parse(input) ⇒ DIDUrl
    • .fromJSON(json) ⇒ DIDUrl

didUrl.did() ⇒ CoreDID

Return a copy of the CoreDID section of the DIDUrl.

Kind: instance method of DIDUrl

didUrl.urlStr() ⇒ string

Return a copy of the relative DID Url as a string, including only the path, query, and fragment.

Kind: instance method of DIDUrl

didUrl.fragment() ⇒ string | undefined

Returns a copy of the DIDUrl method fragment, if any. Excludes the leading '#'.

Kind: instance method of DIDUrl

didUrl.setFragment(value)

Sets the fragment component of the DIDUrl.

Kind: instance method of DIDUrl

Param	Type
value	string | undefined

didUrl.path() ⇒ string | undefined

Returns a copy of the DIDUrl path.

Kind: instance method of DIDUrl

didUrl.setPath(value)

Sets the path component of the DIDUrl.

Kind: instance method of DIDUrl

Param	Type
value	string | undefined

didUrl.query() ⇒ string | undefined

Returns a copy of the DIDUrl method query, if any. Excludes the leading '?'.

Kind: instance method of DIDUrl

didUrl.setQuery(value)

Sets the query component of the DIDUrl.

Kind: instance method of DIDUrl

Param	Type
value	string | undefined

didUrl.join(segment) ⇒ DIDUrl

Append a string representing a path, query, and/or fragment, returning a new DIDUrl.

Must begin with a valid delimiter character: '/', '?', '#'. Overwrites the existing URL segment and any following segments in order of path, query, then fragment.

I.e.

• joining a path will clear the query and fragment.
• joining a query will clear the fragment.
• joining a fragment will only overwrite the fragment.

Kind: instance method of DIDUrl

Param	Type
segment	string

didUrl.toString() ⇒ string

Returns the DIDUrl as a string.

Kind: instance method of DIDUrl

didUrl.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of DIDUrl

didUrl.clone() ⇒ DIDUrl

Deep clones the object.

Kind: instance method of DIDUrl

DIDUrl.parse(input) ⇒ DIDUrl

Parses a DIDUrl from the input string.

Kind: static method of DIDUrl

Param	Type
input	string

DIDUrl.fromJSON(json) ⇒ DIDUrl

Deserializes an instance from a JSON object.

Kind: static method of DIDUrl

Param	Type
json	any

DecodedJws

A cryptographically verified decoded token from a JWS.

Contains the decoded headers and the raw claims.

Kind: global class

• DecodedJws
  • .claims() ⇒ string
  • .claimsBytes() ⇒ Uint8Array
  • .protectedHeader() ⇒ JwsHeader
  • .clone() ⇒ DecodedJws
  • .toJSON() ⇒ any

decodedJws.claims() ⇒ string

Returns a copy of the parsed claims represented as a string.

Errors

An error is thrown if the claims cannot be represented as a string.

This error can only occur if the Token was decoded from a detached payload.

Kind: instance method of DecodedJws

decodedJws.claimsBytes() ⇒ Uint8Array

Return a copy of the parsed claims represented as an array of bytes.

Kind: instance method of DecodedJws

decodedJws.protectedHeader() ⇒ JwsHeader

Returns a copy of the protected header.

Kind: instance method of DecodedJws

decodedJws.clone() ⇒ DecodedJws

Deep clones the object.

Kind: instance method of DecodedJws

decodedJws.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of DecodedJws

DecodedJwtCredential

A cryptographically verified and decoded Credential.

Note that having an instance of this type only means the JWS it was constructed from was verified. It does not imply anything about a potentially present proof property on the credential itself.

Kind: global class

• DecodedJwtCredential
  • .credential() ⇒ Credential
  • .protectedHeader() ⇒ JwsHeader
  • .customClaims() ⇒ Record.<string, any> | undefined
  • .intoCredential() ⇒ Credential

decodedJwtCredential.credential() ⇒ Credential

Returns a copy of the credential parsed to the Verifiable Credentials Data model.

Kind: instance method of DecodedJwtCredential

decodedJwtCredential.protectedHeader() ⇒ JwsHeader

Returns a copy of the protected header parsed from the decoded JWS.

Kind: instance method of DecodedJwtCredential

decodedJwtCredential.customClaims() ⇒ Record.<string, any> | undefined

The custom claims parsed from the JWT.

Kind: instance method of DecodedJwtCredential

decodedJwtCredential.intoCredential() ⇒ Credential

Consumes the object and returns the decoded credential.

Warning

This destroys the DecodedJwtCredential object.

Kind: instance method of DecodedJwtCredential

DecodedJwtPresentation

A cryptographically verified and decoded presentation.

Note that having an instance of this type only means the JWS it was constructed from was verified. It does not imply anything about a potentially present proof property on the presentation itself.

Kind: global class

• DecodedJwtPresentation
  • .presentation() ⇒ Presentation
  • .protectedHeader() ⇒ JwsHeader
  • .intoPresentation() ⇒ Presentation
  • .expirationDate() ⇒ Timestamp | undefined
  • .issuanceDate() ⇒ Timestamp | undefined
  • .audience() ⇒ string | undefined
  • .customClaims() ⇒ Record.<string, any> | undefined

decodedJwtPresentation.presentation() ⇒ Presentation

Kind: instance method of DecodedJwtPresentation

decodedJwtPresentation.protectedHeader() ⇒ JwsHeader

Returns a copy of the protected header parsed from the decoded JWS.

Kind: instance method of DecodedJwtPresentation

decodedJwtPresentation.intoPresentation() ⇒ Presentation

Consumes the object and returns the decoded presentation.

Warning

This destroys the DecodedJwtPresentation object.

Kind: instance method of DecodedJwtPresentation

decodedJwtPresentation.expirationDate() ⇒ Timestamp | undefined

The expiration date parsed from the JWT claims.

Kind: instance method of DecodedJwtPresentation

decodedJwtPresentation.issuanceDate() ⇒ Timestamp | undefined

The issuance date parsed from the JWT claims.

Kind: instance method of DecodedJwtPresentation

decodedJwtPresentation.audience() ⇒ string | undefined

The aud property parsed from JWT claims.

Kind: instance method of DecodedJwtPresentation

decodedJwtPresentation.customClaims() ⇒ Record.<string, any> | undefined

The custom claims parsed from the JWT.

Kind: instance method of DecodedJwtPresentation

Disclosure

Represents an elements constructing a disclosure. Object properties and array elements disclosures are supported.

See: https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-07.html#name-disclosures

Kind: global class

• Disclosure
  • new Disclosure(salt, claim_name, claim_value)
  • instance
    • .disclosure() ⇒ string
    • .toEncodedString() ⇒ string
    • .toString() ⇒ string
    • .salt() ⇒ string
    • .claimName() ⇒ string | undefined
    • .claimValue() ⇒ any
    • .toJSON() ⇒ any
  • static
    • .parse(disclosure) ⇒ Disclosure
    • .fromJSON(json) ⇒ Disclosure

new Disclosure(salt, claim_name, claim_value)

Param	Type
salt	string
claim_name	string | undefined
claim_value	any

disclosure.disclosure() ⇒ string

Returns a copy of the base64url-encoded string.

Kind: instance method of Disclosure

disclosure.toEncodedString() ⇒ string

Returns a copy of the base64url-encoded string.

Kind: instance method of Disclosure

disclosure.toString() ⇒ string

Returns a copy of the base64url-encoded string.

Kind: instance method of Disclosure

disclosure.salt() ⇒ string

Returns a copy of the salt value.

Kind: instance method of Disclosure

disclosure.claimName() ⇒ string | undefined

Returns a copy of the claim name, optional for array elements.

Kind: instance method of Disclosure

disclosure.claimValue() ⇒ any

Returns a copy of the claim Value which can be of any type.

Kind: instance method of Disclosure

disclosure.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of Disclosure

Disclosure.parse(disclosure) ⇒ Disclosure

Parses a Base64 encoded disclosure into a Disclosure.

Error

Returns an InvalidDisclosure if input is not a valid disclosure.

Kind: static method of Disclosure

Param	Type
disclosure	string

Disclosure.fromJSON(json) ⇒ Disclosure

Deserializes an instance from a JSON object.

Kind: static method of Disclosure

Param	Type
json	any

DomainLinkageConfiguration

DID Configuration Resource which contains Domain Linkage Credentials. It can be placed in an origin's .well-known directory to prove linkage between the origin and a DID. See: https://identity.foundation/.well-known/resources/did-configuration/#did-configuration-resource

Note:

• Only the JSON Web Token Proof Format

Kind: global class

• DomainLinkageConfiguration
  • new DomainLinkageConfiguration(linkedDids)
  • instance
    • .linkedDids() ⇒ Array.<Jwt>
    • .issuers() ⇒ Array.<CoreDID>
    • .toJSON() ⇒ any
    • .clone() ⇒ DomainLinkageConfiguration
  • static
    • .fromJSON(json) ⇒ DomainLinkageConfiguration

new DomainLinkageConfiguration(linkedDids)

Constructs a new DomainLinkageConfiguration.

Param	Type
linkedDids	Array.<Jwt>

domainLinkageConfiguration.linkedDids() ⇒ Array.<Jwt>

List of the Domain Linkage Credentials.

Kind: instance method of DomainLinkageConfiguration

domainLinkageConfiguration.issuers() ⇒ Array.<CoreDID>

List of the issuers of the Domain Linkage Credentials.

Kind: instance method of DomainLinkageConfiguration

domainLinkageConfiguration.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of DomainLinkageConfiguration

domainLinkageConfiguration.clone() ⇒ DomainLinkageConfiguration

Deep clones the object.

Kind: instance method of DomainLinkageConfiguration

DomainLinkageConfiguration.fromJSON(json) ⇒ DomainLinkageConfiguration

Deserializes an instance from a JSON object.

Kind: static method of DomainLinkageConfiguration

Param	Type
json	any

Duration

A span of time.

Kind: global class

• Duration
  • instance
    • .toJSON() ⇒ any
  • static
    • .seconds(seconds) ⇒ Duration
    • .minutes(minutes) ⇒ Duration
    • .hours(hours) ⇒ Duration
    • .days(days) ⇒ Duration
    • .weeks(weeks) ⇒ Duration
    • .fromJSON(json) ⇒ Duration

duration.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of Duration

Duration.seconds(seconds) ⇒ Duration

Create a new Duration with the given number of seconds.

Kind: static method of Duration

Param	Type
seconds	number

Duration.minutes(minutes) ⇒ Duration

Create a new Duration with the given number of minutes.

Kind: static method of Duration

Param	Type
minutes	number

Duration.hours(hours) ⇒ Duration

Create a new Duration with the given number of hours.

Kind: static method of Duration

Param	Type
hours	number

Duration.days(days) ⇒ Duration

Create a new Duration with the given number of days.

Kind: static method of Duration

Param	Type
days	number

Duration.weeks(weeks) ⇒ Duration

Create a new Duration with the given number of weeks.

Kind: static method of Duration

Param	Type
weeks	number

Duration.fromJSON(json) ⇒ Duration

Deserializes an instance from a JSON object.

Kind: static method of Duration

Param	Type
json	any

EdDSAJwsVerifier

An implementor of IJwsVerifier that can handle the EdDSA algorithm.

Kind: global class

• EdDSAJwsVerifier
  • new EdDSAJwsVerifier()
  • .verify(alg, signingInput, decodedSignature, publicKey)

new EdDSAJwsVerifier()

Constructs an EdDSAJwsVerifier.

edDSAJwsVerifier.verify(alg, signingInput, decodedSignature, publicKey)

Verify a JWS signature secured with the EdDSA algorithm. Only the Ed25519 curve is supported for now.

This function is useful when one is building an IJwsVerifier that extends the default provided by the IOTA Identity Framework.

Warning

This function does not check whether alg = EdDSA in the protected header. Callers are expected to assert this prior to calling the function.

Kind: instance method of EdDSAJwsVerifier

Param	Type
alg	JwsAlgorithm
signingInput	Uint8Array
decodedSignature	Uint8Array
publicKey	Jwk

IotaDID

A DID conforming to the IOTA DID method specification.

Kind: global class

• IotaDID
  • new IotaDID(bytes, network)
  • instance
    • .network() ⇒ string
    • .tag() ⇒ string
    • .toCoreDid() ⇒ CoreDID
    • .scheme() ⇒ string
    • .authority() ⇒ string
    • .method() ⇒ string
    • .methodId() ⇒ string
    • .join(segment) ⇒ DIDUrl
    • .toUrl() ⇒ DIDUrl
    • .toAliasId() ⇒ string
    • .intoUrl() ⇒ DIDUrl
    • .toString() ⇒ string
    • .toJSON() ⇒ any
    • .clone() ⇒ IotaDID
  • static
    • .METHOD ⇒ string
    • .DEFAULT_NETWORK ⇒ string
    • .fromAliasId(aliasId, network) ⇒ IotaDID
    • .placeholder(network) ⇒ IotaDID
    • .parse(input) ⇒ IotaDID
    • .fromJSON(json) ⇒ IotaDID

new IotaDID(bytes, network)

Constructs a new IotaDID from a byte representation of the tag and the given network name.

See also placeholder.

Param	Type
bytes	Uint8Array
network	string

did.network() ⇒ string

Returns the Tangle network name of the IotaDID.

Kind: instance method of IotaDID

did.tag() ⇒ string

Returns a copy of the unique tag of the IotaDID.

Kind: instance method of IotaDID

did.toCoreDid() ⇒ CoreDID

Returns the DID represented as a CoreDID.

Kind: instance method of IotaDID

did.scheme() ⇒ string

Returns the DID scheme.

E.g.

• "did:example:12345678" -> "did"
• "did:iota:main:12345678" -> "did"

Kind: instance method of IotaDID

did.authority() ⇒ string

Returns the DID authority: the method name and method-id.

E.g.

• "did:example:12345678" -> "example:12345678"
• "did:iota:main:12345678" -> "iota:main:12345678"

Kind: instance method of IotaDID

did.method() ⇒ string

Returns the DID method name.

E.g.

• "did:example:12345678" -> "example"
• "did:iota:main:12345678" -> "iota"

Kind: instance method of IotaDID

did.methodId() ⇒ string

Returns the DID method-specific ID.

E.g.

• "did:example:12345678" -> "12345678"
• "did:iota:main:12345678" -> "main:12345678"

Kind: instance method of IotaDID

did.join(segment) ⇒ DIDUrl

Construct a new DIDUrl by joining with a relative DID Url string.

Kind: instance method of IotaDID

Param	Type
segment	string

did.toUrl() ⇒ DIDUrl

Clones the DID into a DIDUrl.

Kind: instance method of IotaDID

did.toAliasId() ⇒ string

Returns the hex-encoded AliasId with a '0x' prefix, from the DID tag.

Kind: instance method of IotaDID

did.intoUrl() ⇒ DIDUrl

Converts the DID into a DIDUrl, consuming it.

Kind: instance method of IotaDID

did.toString() ⇒ string

Returns the DID as a string.

Kind: instance method of IotaDID

did.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of IotaDID

did.clone() ⇒ IotaDID

Deep clones the object.

Kind: instance method of IotaDID

IotaDID.METHOD ⇒ string

The IOTA DID method name ("iota").

Kind: static property of IotaDID

IotaDID.DEFAULT_NETWORK ⇒ string

The default Tangle network ("iota").

Kind: static property of IotaDID

IotaDID.fromAliasId(aliasId, network) ⇒ IotaDID

Constructs a new IotaDID from a hex representation of an Alias Id and the given network name.

Kind: static method of IotaDID

Param	Type
aliasId	string
network	string

IotaDID.placeholder(network) ⇒ IotaDID

Creates a new placeholder IotaDID with the given network name.

E.g. did:iota:smr:0x0000000000000000000000000000000000000000000000000000000000000000.

Kind: static method of IotaDID

Param	Type
network	string

IotaDID.parse(input) ⇒ IotaDID

Parses a IotaDID from the input string.

Kind: static method of IotaDID

Param	Type
input	string

IotaDID.fromJSON(json) ⇒ IotaDID

Deserializes an instance from a JSON object.

Kind: static method of IotaDID

Param	Type
json	any

IotaDocument

A DID Document adhering to the IOTA DID method specification.

Note: All methods that involve reading from this class may potentially raise an error if the object is being concurrently modified.

Kind: global class

• IotaDocument
  • new IotaDocument(network)
  • instance
    • .id() ⇒ IotaDID
    • .controller() ⇒ Array.<IotaDID>
    • .setController(controller)
    • .alsoKnownAs() ⇒ Array.<string>
    • .setAlsoKnownAs(urls)
    • .properties() ⇒ Map.<string, any>
    • .setPropertyUnchecked(key, value)
    • .service() ⇒ Array.<Service>
    • .insertService(service)
    • .removeService(did) ⇒ Service | undefined
    • .resolveService(query) ⇒ Service | undefined
    • .methods(scope) ⇒ Array.<VerificationMethod>
    • .insertMethod(method, scope)
    • .removeMethod(did) ⇒ VerificationMethod | undefined
    • .resolveMethod(query, scope) ⇒ VerificationMethod | undefined
    • .attachMethodRelationship(didUrl, relationship) ⇒ boolean
    • .detachMethodRelationship(didUrl, relationship) ⇒ boolean
    • .verifyJws(jws, options, signatureVerifier, detachedPayload) ⇒ DecodedJws
    • .pack() ⇒ Uint8Array
    • .packWithEncoding(encoding) ⇒ Uint8Array
    • .metadata() ⇒ IotaDocumentMetadata
    • .metadataCreated() ⇒ Timestamp | undefined
    • .setMetadataCreated(timestamp)
    • .metadataUpdated() ⇒ Timestamp | undefined
    • .setMetadataUpdated(timestamp)
    • .metadataDeactivated() ⇒ boolean | undefined
    • .setMetadataDeactivated(deactivated)
    • .metadataStateControllerAddress() ⇒ string | undefined
    • .metadataGovernorAddress() ⇒ string | undefined
    • .setMetadataPropertyUnchecked(key, value)
    • .revokeCredentials(serviceQuery, indices)
    • .unrevokeCredentials(serviceQuery, indices)
    • .clone() ⇒ IotaDocument
    • ._shallowCloneInternal() ⇒ IotaDocument
    • ._strongCountInternal() ⇒ number
    • .toJSON() ⇒ any
    • .toCoreDocument() ⇒ CoreDocument
    • .generateMethod(storage, keyType, alg, fragment, scope) ⇒ Promise.<string>
    • .purgeMethod(storage, id) ⇒ Promise.<void>
    • .createJwt(storage, fragment, payload, options) ⇒ Promise.<Jws>
    • .createJws(storage, fragment, payload, options) ⇒ Promise.<Jws>
    • .createCredentialJwt(storage, fragment, credential, options, custom_claims) ⇒ Promise.<Jwt>
    • .createPresentationJwt(storage, fragment, presentation, signature_options, presentation_options) ⇒ Promise.<Jwt>
  • static
    • .newWithId(id) ⇒ IotaDocument
    • .unpackFromOutput(did, aliasOutput, allowEmpty) ⇒ IotaDocument
    • .unpackFromBlock(network, block) ⇒ Array.<IotaDocument>
    • .fromJSON(json) ⇒ IotaDocument

new IotaDocument(network)

Constructs an empty IOTA DID Document with a placeholder identifier for the given network.

Param	Type
network	string

iotaDocument.id() ⇒ IotaDID

Returns a copy of the DID Document id.

Kind: instance method of IotaDocument

iotaDocument.controller() ⇒ Array.<IotaDID>

Returns a copy of the list of document controllers.

NOTE: controllers are determined by the state_controller unlock condition of the output during resolution and are omitted when publishing.

Kind: instance method of IotaDocument

iotaDocument.setController(controller)

Sets the controllers of the document.

Note: Duplicates will be ignored. Use null to remove all controllers.

Kind: instance method of IotaDocument

Param	Type
controller	Array.<IotaDID> | null

iotaDocument.alsoKnownAs() ⇒ Array.<string>

Returns a copy of the document's alsoKnownAs set.

Kind: instance method of IotaDocument

iotaDocument.setAlsoKnownAs(urls)

Sets the alsoKnownAs property in the DID document.

Kind: instance method of IotaDocument

Param	Type
urls	string | Array.<string> | null

iotaDocument.properties() ⇒ Map.<string, any>

Returns a copy of the custom DID Document properties.

Kind: instance method of IotaDocument

iotaDocument.setPropertyUnchecked(key, value)

Sets a custom property in the DID Document. If the value is set to null, the custom property will be removed.

WARNING

This method can overwrite existing properties like id and result in an invalid document.

Kind: instance method of IotaDocument

Param	Type
key	string
value	any

iotaDocument.service() ⇒ Array.<Service>

Return a set of all Service in the document.

Kind: instance method of IotaDocument

iotaDocument.insertService(service)

Add a new Service to the document.

Returns true if the service was added.

Kind: instance method of IotaDocument

Param	Type
service	Service

iotaDocument.removeService(did) ⇒ Service | undefined

Remove a Service identified by the given DIDUrl from the document.

Returns true if a service was removed.

Kind: instance method of IotaDocument

Param	Type
did	DIDUrl

iotaDocument.resolveService(query) ⇒ Service | undefined

Returns the first Service with an id property matching the provided query, if present.

Kind: instance method of IotaDocument

Param	Type
query	DIDUrl | string

iotaDocument.methods(scope) ⇒ Array.<VerificationMethod>

Returns a list of all VerificationMethod in the DID Document, whose verification relationship matches scope.

If scope is not set, a list over the embedded methods is returned.

Kind: instance method of IotaDocument

Param	Type
scope	MethodScope | undefined

iotaDocument.insertMethod(method, scope)

Adds a new method to the document in the given scope.

Kind: instance method of IotaDocument

Param	Type
method	VerificationMethod
scope	MethodScope

iotaDocument.removeMethod(did) ⇒ VerificationMethod | undefined

Removes all references to the specified Verification Method.

Kind: instance method of IotaDocument

Param	Type
did	DIDUrl

iotaDocument.resolveMethod(query, scope) ⇒ VerificationMethod | undefined

Returns a copy of the first verification method with an id property matching the provided query and the verification relationship specified by scope, if present.

Kind: instance method of IotaDocument

Param	Type
query	DIDUrl | string
scope	MethodScope | undefined

iotaDocument.attachMethodRelationship(didUrl, relationship) ⇒ boolean

Attaches the relationship to the given method, if the method exists.

Note: The method needs to be in the set of verification methods, so it cannot be an embedded one.

Kind: instance method of IotaDocument

Param	Type
didUrl	DIDUrl
relationship	number

iotaDocument.detachMethodRelationship(didUrl, relationship) ⇒ boolean

Detaches the given relationship from the given method, if the method exists.

Kind: instance method of IotaDocument

Param	Type
didUrl	DIDUrl
relationship	number

iotaDocument.verifyJws(jws, options, signatureVerifier, detachedPayload) ⇒ DecodedJws

Decodes and verifies the provided JWS according to the passed options and signatureVerifier. If no signatureVerifier argument is provided a default verifier will be used that is (only) capable of verifying EdDSA signatures.

Regardless of which options are passed the following conditions must be met in order for a verification attempt to take place.

• The JWS must be encoded according to the JWS compact serialization.
• The kid value in the protected header must be an identifier of a verification method in this DID document.

Kind: instance method of IotaDocument

Param	Type
jws	Jws
options	JwsVerificationOptions
signatureVerifier	IJwsVerifier
detachedPayload	string | undefined

iotaDocument.pack() ⇒ Uint8Array

Serializes the document for inclusion in an Alias Output's state metadata with the default StateMetadataEncoding.

Kind: instance method of IotaDocument

iotaDocument.packWithEncoding(encoding) ⇒ Uint8Array

Serializes the document for inclusion in an Alias Output's state metadata.

Kind: instance method of IotaDocument

Param	Type
encoding	number

iotaDocument.metadata() ⇒ IotaDocumentMetadata

Returns a copy of the metadata associated with this document.

NOTE: Copies all the metadata. See also metadataCreated, metadataUpdated, metadataPreviousMessageId, metadataProof if only a subset of the metadata required.

Kind: instance method of IotaDocument

iotaDocument.metadataCreated() ⇒ Timestamp | undefined

Returns a copy of the timestamp of when the DID document was created.

Kind: instance method of IotaDocument

iotaDocument.setMetadataCreated(timestamp)

Sets the timestamp of when the DID document was created.

Kind: instance method of IotaDocument

Param	Type
timestamp	Timestamp | undefined

iotaDocument.metadataUpdated() ⇒ Timestamp | undefined

Returns a copy of the timestamp of the last DID document update.

Kind: instance method of IotaDocument

iotaDocument.setMetadataUpdated(timestamp)

Sets the timestamp of the last DID document update.

Kind: instance method of IotaDocument

Param	Type
timestamp	Timestamp | undefined

iotaDocument.metadataDeactivated() ⇒ boolean | undefined

Returns a copy of the deactivated status of the DID document.

Kind: instance method of IotaDocument

iotaDocument.setMetadataDeactivated(deactivated)

Sets the deactivated status of the DID document.

Kind: instance method of IotaDocument

Param	Type
deactivated	boolean | undefined

iotaDocument.metadataStateControllerAddress() ⇒ string | undefined

Returns a copy of the Bech32-encoded state controller address, if present.

Kind: instance method of IotaDocument

iotaDocument.metadataGovernorAddress() ⇒ string | undefined

Returns a copy of the Bech32-encoded governor address, if present.

Kind: instance method of IotaDocument

iotaDocument.setMetadataPropertyUnchecked(key, value)

Sets a custom property in the document metadata. If the value is set to null, the custom property will be removed.

Kind: instance method of IotaDocument

Param	Type
key	string
value	any

iotaDocument.revokeCredentials(serviceQuery, indices)

If the document has a RevocationBitmap service identified by serviceQuery, revoke all specified indices.

Kind: instance method of IotaDocument

Param	Type
serviceQuery	DIDUrl | string
indices	number | Array.<number>

iotaDocument.unrevokeCredentials(serviceQuery, indices)

If the document has a RevocationBitmap service identified by serviceQuery, unrevoke all specified indices.

Kind: instance method of IotaDocument

Param	Type
serviceQuery	DIDUrl | string
indices	number | Array.<number>

iotaDocument.clone() ⇒ IotaDocument

Returns a deep clone of the IotaDocument.

Kind: instance method of IotaDocument

iotaDocument._shallowCloneInternal() ⇒ IotaDocument

Warning

This is for internal use only. Do not rely on or call this method.

Kind: instance method of IotaDocument

iotaDocument._strongCountInternal() ⇒ number

Warning

This is for internal use only. Do not rely on or call this method.

Kind: instance method of IotaDocument

iotaDocument.toJSON() ⇒ any

Serializes to a plain JS representation.

Kind: instance method of IotaDocument

iotaDocument.toCoreDocument() ⇒ CoreDocument

Transforms the IotaDocument to its CoreDocument representation.

Kind: instance method of IotaDocument

iotaDocument.generateMethod(storage, keyType, alg, fragment, scope) ⇒ Promise.<string>

Generate new key material in the given storage and insert a new verification method with the corresponding public key material into the DID document.

• If no fragment is given the kid of the generated JWK is used, if it is set, otherwise an error is returned.
• The keyType must be compatible with the given storage. Storages are expected to export key type constants for that use case.

The fragment of the generated method is returned.

Kind: instance method of IotaDocument

Param	Type
storage	Storage
keyType	string
alg	JwsAlgorithm
fragment	string | undefined
scope	MethodScope

iotaDocument.purgeMethod(storage, id) ⇒ Promise.<void>

Remove the method identified by the given fragment from the document and delete the corresponding key material in the given storage.

Kind: instance method of IotaDocument

Param	Type
storage	Storage
id	DIDUrl

iotaDocument.createJwt(storage, fragment, payload, options) ⇒ Promise.<Jws>

Deprecated

Sign the payload according to options with the storage backed private key corresponding to the public key material in the verification method identified by the given `fragment.

Upon success a string representing a JWS encoded according to the Compact JWS Serialization format is returned. See RFC7515 section 3.1.

Kind: instance method of IotaDocument

Param	Type
storage	Storage
fragment	string
payload	string
options	JwsSignatureOptions

iotaDocument.createJws(storage, fragment, payload, options) ⇒ Promise.<Jws>

Sign the payload according to options with the storage backed private key corresponding to the public key material in the verification method identified by the given `fragment.

Upon success a string representing a JWS encoded according to the Compact JWS Serialization format is returned. See RFC7515 section 3.1.

Kind: instance method of IotaDocument

Param	Type
storage	Storage
fragment	string
payload	string
options	JwsSignatureOptions

iotaDocument.createCredentialJwt(storage, fragment, credential, options, custom_claims) ⇒ Promise.<Jwt>

Produces a JWS where the payload is produced from the given credential in accordance with VC Data Model v1.1.

Unless the kid is explicitly set in the options, the kid in the protected header is the id of the method identified by fragment and the JWS signature will be produced by the corresponding private key backed by the storage in accordance with the passed options.

The custom_claims can be used to set additional claims on the resulting JWT.

Kind: instance method of IotaDocument

Param	Type
storage	Storage
fragment	string
credential	Credential
options	JwsSignatureOptions
custom_claims	Record.<string, any> | undefined

iotaDocument.createPresentationJwt(storage, fragment, presentation, signature_options, presentation_options) ⇒ Promise.<Jwt>

Produces a JWT where the payload is produced from the given presentation. in accordance with VC Data Model v1.1.

Unless the kid is explicitly set in the options, the kid in the protected header is the id of the method identified by fragment and the JWS signature will be produced by the corresponding private key backed by the storage in accordance with the passed options.

Kind: instance method of IotaDocument

Param	Type
storage	Storage
fragment	string
presentation	Presentation
signature_options	JwsSignatureOptions
presentation_options	JwtPresentationOptions

IotaDocument.newWithId(id) ⇒ IotaDocument

Constructs an empty DID Document with the given identifier.

Kind: static method of IotaDocument

Param	Type
id	IotaDID

IotaDocument.unpackFromOutput(did, aliasOutput, allowEmpty) ⇒ IotaDocument

Deserializes the document from an Alias Output.

If allowEmpty is true, this will return an empty DID document marked as deactivated if stateMetadata is empty.

The tokenSupply must be equal to the token supply of the network the DID is associated with.

NOTE: did is required since it is omitted from the serialized DID Document and cannot be inferred from the state metadata. It also indicates the network, which is not encoded in the AliasId alone.

Kind: static method of IotaDocument

Param	Type
did	IotaDID
aliasOutput	AliasOutputBuilderParams
allowEmpty	boolean

IotaDocument.unpackFromBlock(network, block) ⇒ Array.<IotaDocument>

Returns all DID documents of the Alias Outputs contained in the block's transaction payload outputs, if any.

Errors if any Alias Output does not contain a valid or empty DID Document.

Kind: static method of IotaDocument

Param	Type
network	string
block	Block

IotaDocument.fromJSON(json) ⇒ IotaDocument

Deserializes an instance from a plain JS representation.

Kind: static method of IotaDocument

Param	Type
json	any

IotaDocumentMetadata

Additional attributes related to an IOTA DID Document.

Kind: global class

• IotaDocumentMetadata
  • instance
    • .created() ⇒ Timestamp | undefined
    • .updated() ⇒ Timestamp | undefined
    • .deactivated() ⇒ boolean | undefined
    • .stateControllerAddress() ⇒ string | undefined
    • .governorAddress() ⇒ string | undefined
    • .properties() ⇒ Map.<string, any>
    • .toJSON() ⇒ any
    • .clone() ⇒ IotaDocumentMetadata
  • static
    • .fromJSON(json) ⇒ IotaDocumentMetadata

iotaDocumentMetadata.created() ⇒ Timestamp | undefined

Returns a copy of the timestamp of when the DID document was created.

Kind: instance method of IotaDocumentMetadata

iotaDocumentMetadata.updated() ⇒ Timestamp | undefined

Returns a copy of the timestamp of the last DID document update.

Kind: instance method of IotaDocumentMetadata

iotaDocumentMetadata.deactivated() ⇒ boolean | undefined

Returns a copy of the deactivated status of the DID document.

Kind: instance method of IotaDocumentMetadata

iotaDocumentMetadata.stateControllerAddress() ⇒ string | undefined

Returns a copy of the Bech32-encoded state controller address, if present.

Kind: instance method of IotaDocumentMetadata

iotaDocumentMetadata.governorAddress() ⇒ string | undefined

Returns a copy of the Bech32-encoded governor address, if present.

Kind: instance method of IotaDocumentMetadata

iotaDocumentMetadata.properties() ⇒ Map.<string, any>

Returns a copy of the custom metadata properties.

Kind: instance method of IotaDocumentMetadata

iotaDocumentMetadata.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of IotaDocumentMetadata

iotaDocumentMetadata.clone() ⇒ IotaDocumentMetadata

Deep clones the object.

Kind: instance method of IotaDocumentMetadata

IotaDocumentMetadata.fromJSON(json) ⇒ IotaDocumentMetadata

Deserializes an instance from a JSON object.

Kind: static method of IotaDocumentMetadata

Param	Type
json	any

IotaIdentityClientExt

An extension interface that provides helper functions for publication and resolution of DID documents in Alias Outputs.

Kind: global class

• IotaIdentityClientExt
  • .newDidOutput(client, address, document, rentStructure) ⇒ Promise.<AliasOutputBuilderParams>
  • .updateDidOutput(client, document) ⇒ Promise.<AliasOutputBuilderParams>
  • .deactivateDidOutput(client, did) ⇒ Promise.<AliasOutputBuilderParams>
  • .resolveDid(client, did) ⇒ Promise.<IotaDocument>
  • .resolveDidOutput(client, did) ⇒ Promise.<AliasOutputBuilderParams>

IotaIdentityClientExt.newDidOutput(client, address, document, rentStructure) ⇒ Promise.<AliasOutputBuilderParams>

Create a DID with a new Alias Output containing the given document.

The address will be set as the state controller and governor unlock conditions. The minimum required token deposit amount will be set according to the given rent_structure, which will be fetched from the node if not provided. The returned Alias Output can be further customised before publication, if desired.

NOTE: this does not publish the Alias Output.

Kind: static method of IotaIdentityClientExt

Param	Type
client	IIotaIdentityClient
address	Address
document	IotaDocument
rentStructure	IRent | undefined

IotaIdentityClientExt.updateDidOutput(client, document) ⇒ Promise.<AliasOutputBuilderParams>

Fetches the associated Alias Output and updates it with document in its state metadata. The storage deposit on the output is left unchanged. If the size of the document increased, the amount should be increased manually.

NOTE: this does not publish the updated Alias Output.

Kind: static method of IotaIdentityClientExt

Param	Type
client	IIotaIdentityClient
document	IotaDocument

IotaIdentityClientExt.deactivateDidOutput(client, did) ⇒ Promise.<AliasOutputBuilderParams>

Removes the DID document from the state metadata of its Alias Output, effectively deactivating it. The storage deposit on the output is left unchanged, and should be reallocated manually.

Deactivating does not destroy the output. Hence, it can be re-activated by publishing an update containing a DID document.

NOTE: this does not publish the updated Alias Output.

Kind: static method of IotaIdentityClientExt

Param	Type
client	IIotaIdentityClient
did	IotaDID

IotaIdentityClientExt.resolveDid(client, did) ⇒ Promise.<IotaDocument>

Resolve a IotaDocument. Returns an empty, deactivated document if the state metadata of the Alias Output is empty.

Kind: static method of IotaIdentityClientExt

Param	Type
client	IIotaIdentityClient
did	IotaDID

IotaIdentityClientExt.resolveDidOutput(client, did) ⇒ Promise.<AliasOutputBuilderParams>

Fetches the IAliasOutput associated with the given DID.

Kind: static method of IotaIdentityClientExt

Param	Type
client	IIotaIdentityClient
did	IotaDID

Jwk

Kind: global class

• Jwk
  • new Jwk(jwk)
  • instance
    • .kty() ⇒ JwkType
    • .use() ⇒ JwkUse | undefined
    • .keyOps() ⇒ Array.<JwkOperation>
    • .alg() ⇒ JwsAlgorithm | undefined
    • .kid() ⇒ string | undefined
    • .x5u() ⇒ string | undefined
    • .x5c() ⇒ Array.<string>
    • .x5t() ⇒ string | undefined
    • .x5t256() ⇒ string | undefined
    • .paramsEc() ⇒ JwkParamsEc | undefined
    • .paramsOkp() ⇒ JwkParamsOkp | undefined
    • .paramsOct() ⇒ JwkParamsOct | undefined
    • .paramsRsa() ⇒ JwkParamsRsa | undefined
    • .toPublic() ⇒ Jwk | undefined
    • .isPublic() ⇒ boolean
    • .isPrivate() ⇒ boolean
    • .toJSON() ⇒ any
    • .clone() ⇒ Jwk
  • static
    • .fromJSON(json) ⇒ Jwk

new Jwk(jwk)

Param	Type
jwk	IJwkParams

jwk.kty() ⇒ JwkType

Returns the value for the key type parameter (kty).

Kind: instance method of Jwk

jwk.use() ⇒ JwkUse | undefined

Returns the value for the use property (use).

Kind: instance method of Jwk

jwk.keyOps() ⇒ Array.<JwkOperation>

Kind: instance method of Jwk

jwk.alg() ⇒ JwsAlgorithm | undefined

Returns the value for the algorithm property (alg).

Kind: instance method of Jwk

jwk.kid() ⇒ string | undefined

Returns the value of the key ID property (kid).

Kind: instance method of Jwk

jwk.x5u() ⇒ string | undefined

Returns the value of the X.509 URL property (x5u).

Kind: instance method of Jwk

jwk.x5c() ⇒ Array.<string>

Returns the value of the X.509 certificate chain property (x5c).

Kind: instance method of Jwk

jwk.x5t() ⇒ string | undefined

Returns the value of the X.509 certificate SHA-1 thumbprint property (x5t).

Kind: instance method of Jwk

jwk.x5t256() ⇒ string | undefined

Returns the value of the X.509 certificate SHA-256 thumbprint property (x5t#S256).

Kind: instance method of Jwk

jwk.paramsEc() ⇒ JwkParamsEc | undefined

If this JWK is of kty EC, returns those parameters.

Kind: instance method of Jwk

jwk.paramsOkp() ⇒ JwkParamsOkp | undefined

If this JWK is of kty OKP, returns those parameters.

Kind: instance method of Jwk

jwk.paramsOct() ⇒ JwkParamsOct | undefined

If this JWK is of kty OCT, returns those parameters.

Kind: instance method of Jwk

jwk.paramsRsa() ⇒ JwkParamsRsa | undefined

If this JWK is of kty RSA, returns those parameters.

Kind: instance method of Jwk

jwk.toPublic() ⇒ Jwk | undefined

Returns a clone of the Jwk with all private key components unset. Nothing is returned when kty = oct as this key type is not considered public by this library.

Kind: instance method of Jwk

jwk.isPublic() ⇒ boolean

Returns true if all private key components of the key are unset, false otherwise.

Kind: instance method of Jwk

jwk.isPrivate() ⇒ boolean

Returns true if all private key components of the key are set, false otherwise.

Kind: instance method of Jwk

jwk.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of Jwk

jwk.clone() ⇒ Jwk

Deep clones the object.

Kind: instance method of Jwk

Jwk.fromJSON(json) ⇒ Jwk

Deserializes an instance from a JSON object.

Kind: static method of Jwk

Param	Type
json	any

JwkGenOutput

The result of a key generation in JwkStorage.

Kind: global class

• JwkGenOutput
  • new JwkGenOutput(key_id, jwk)
  • instance
    • .jwk() ⇒ Jwk
    • .keyId() ⇒ string
    • .toJSON() ⇒ any
    • .clone() ⇒ JwkGenOutput
  • static
    • .fromJSON(json) ⇒ JwkGenOutput

new JwkGenOutput(key_id, jwk)

Param	Type
key_id	string
jwk	Jwk

jwkGenOutput.jwk() ⇒ Jwk

Returns the generated public Jwk.

Kind: instance method of JwkGenOutput

jwkGenOutput.keyId() ⇒ string

Returns the key id of the generated Jwk.

Kind: instance method of JwkGenOutput

jwkGenOutput.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of JwkGenOutput

jwkGenOutput.clone() ⇒ JwkGenOutput

Deep clones the object.

Kind: instance method of JwkGenOutput

JwkGenOutput.fromJSON(json) ⇒ JwkGenOutput

Deserializes an instance from a JSON object.

Kind: static method of JwkGenOutput

Param	Type
json	any

Jws

A wrapper around a JSON Web Signature (JWS).

Kind: global class

• Jws
  • new Jws(jws_string)
  • .toString() ⇒ string

new Jws(jws_string)

Creates a new Jws from the given string.

Param	Type
jws_string	string

jws.toString() ⇒ string

Returns a clone of the JWS string.

Kind: instance method of Jws

JwsHeader

Kind: global class

• JwsHeader
  • new JwsHeader()
  • instance
    • .alg() ⇒ JwsAlgorithm | undefined
    • .setAlg(value)
    • .b64() ⇒ boolean | undefined
    • .setB64(value)
    • .custom() ⇒ Record.<string, any> | undefined
    • .has(claim) ⇒ boolean
    • .isDisjoint(other) ⇒ boolean
    • .jku() ⇒ string | undefined
    • .setJku(value)
    • .jwk() ⇒ Jwk | undefined
    • .setJwk(value)
    • .kid() ⇒ string | undefined
    • .setKid(value)
    • .x5u() ⇒ string | undefined
    • .setX5u(value)
    • .x5c() ⇒ Array.<string>
    • .setX5c(value)
    • .x5t() ⇒ string | undefined
    • .setX5t(value)
    • .x5tS256() ⇒ string | undefined
    • .setX5tS256(value)
    • .typ() ⇒ string | undefined
    • .setTyp(value)
    • .cty() ⇒ string | undefined
    • .setCty(value)
    • .crit() ⇒ Array.<string>
    • .setCrit(value)
    • .url() ⇒ string | undefined
    • .setUrl(value)
    • .nonce() ⇒ string | undefined
    • .setNonce(value)
    • .toJSON() ⇒ any
    • .clone() ⇒ JwsHeader
  • static
    • .fromJSON(json) ⇒ JwsHeader

new JwsHeader()

Create a new empty JwsHeader.

jwsHeader.alg() ⇒ JwsAlgorithm | undefined

Returns the value for the algorithm claim (alg).

Kind: instance method of JwsHeader

jwsHeader.setAlg(value)

Sets a value for the algorithm claim (alg).

Kind: instance method of JwsHeader

Param	Type
value	JwsAlgorithm

jwsHeader.b64() ⇒ boolean | undefined

Returns the value of the base64url-encode payload claim (b64).

Kind: instance method of JwsHeader

jwsHeader.setB64(value)

Sets a value for the base64url-encode payload claim (b64).

Kind: instance method of JwsHeader

Param	Type
value	boolean

jwsHeader.custom() ⇒ Record.<string, any> | undefined

Additional header parameters.

Kind: instance method of JwsHeader

jwsHeader.has(claim) ⇒ boolean

Kind: instance method of JwsHeader

Param	Type
claim	string

jwsHeader.isDisjoint(other) ⇒ boolean

Returns true if none of the fields are set in both self and other.

Kind: instance method of JwsHeader

Param	Type
other	JwsHeader

jwsHeader.jku() ⇒ string | undefined

Returns the value of the JWK Set URL claim (jku).

Kind: instance method of JwsHeader

jwsHeader.setJku(value)

Sets a value for the JWK Set URL claim (jku).

Kind: instance method of JwsHeader

Param	Type
value	string

jwsHeader.jwk() ⇒ Jwk | undefined

Returns the value of the JWK claim (jwk).

Kind: instance method of JwsHeader

jwsHeader.setJwk(value)

Sets a value for the JWK claim (jwk).

Kind: instance method of JwsHeader

Param	Type
value	Jwk

jwsHeader.kid() ⇒ string | undefined

Returns the value of the key ID claim (kid).

Kind: instance method of JwsHeader

jwsHeader.setKid(value)

Sets a value for the key ID claim (kid).

Kind: instance method of JwsHeader

Param	Type
value	string

jwsHeader.x5u() ⇒ string | undefined

Returns the value of the X.509 URL claim (x5u).

Kind: instance method of JwsHeader

jwsHeader.setX5u(value)

Sets a value for the X.509 URL claim (x5u).

Kind: instance method of JwsHeader

Param	Type
value	string

jwsHeader.x5c() ⇒ Array.<string>

Returns the value of the X.509 certificate chain claim (x5c).

Kind: instance method of JwsHeader

jwsHeader.setX5c(value)

Sets values for the X.509 certificate chain claim (x5c).

Kind: instance method of JwsHeader

Param	Type
value	Array.<string>

jwsHeader.x5t() ⇒ string | undefined

Returns the value of the X.509 certificate SHA-1 thumbprint claim (x5t).

Kind: instance method of JwsHeader

jwsHeader.setX5t(value)

Sets a value for the X.509 certificate SHA-1 thumbprint claim (x5t).

Kind: instance method of JwsHeader

Param	Type
value	string

jwsHeader.x5tS256() ⇒ string | undefined

Returns the value of the X.509 certificate SHA-256 thumbprint claim (x5t#S256).

Kind: instance method of JwsHeader

jwsHeader.setX5tS256(value)

Sets a value for the X.509 certificate SHA-256 thumbprint claim (x5t#S256).

Kind: instance method of JwsHeader

Param	Type
value	string

jwsHeader.typ() ⇒ string | undefined

Returns the value of the token type claim (typ).

Kind: instance method of JwsHeader

jwsHeader.setTyp(value)

Sets a value for the token type claim (typ).

Kind: instance method of JwsHeader

Param	Type
value	string

jwsHeader.cty() ⇒ string | undefined

Returns the value of the content type claim (cty).

Kind: instance method of JwsHeader

jwsHeader.setCty(value)

Sets a value for the content type claim (cty).

Kind: instance method of JwsHeader

Param	Type
value	string

jwsHeader.crit() ⇒ Array.<string>

Returns the value of the critical claim (crit).

Kind: instance method of JwsHeader

jwsHeader.setCrit(value)

Sets values for the critical claim (crit).

Kind: instance method of JwsHeader

Param	Type
value	Array.<string>

jwsHeader.url() ⇒ string | undefined

Returns the value of the url claim (url).

Kind: instance method of JwsHeader

jwsHeader.setUrl(value)

Sets a value for the url claim (url).

Kind: instance method of JwsHeader

Param	Type
value	string

jwsHeader.nonce() ⇒ string | undefined

Returns the value of the nonce claim (nonce).

Kind: instance method of JwsHeader

jwsHeader.setNonce(value)

Sets a value for the nonce claim (nonce).

Kind: instance method of JwsHeader

Param	Type
value	string

jwsHeader.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of JwsHeader

jwsHeader.clone() ⇒ JwsHeader

Deep clones the object.

Kind: instance method of JwsHeader

JwsHeader.fromJSON(json) ⇒ JwsHeader

Deserializes an instance from a JSON object.

Kind: static method of JwsHeader

Param	Type
json	any

JwsSignatureOptions

Kind: global class

• JwsSignatureOptions
  • new JwsSignatureOptions(options)
  • instance
    • .setAttachJwk(value)
    • .setB64(value)
    • .setTyp(value)
    • .setCty(value)
    • .serUrl(value)
    • .setNonce(value)
    • .setKid(value)
    • .setDetachedPayload(value)
    • .setCustomHeaderParameters(value)
    • .toJSON() ⇒ any
    • .clone() ⇒ JwsSignatureOptions
  • static
    • .fromJSON(json) ⇒ JwsSignatureOptions

new JwsSignatureOptions(options)

Param	Type
options	IJwsSignatureOptions | undefined

jwsSignatureOptions.setAttachJwk(value)

Replace the value of the attachJwk field.

Kind: instance method of JwsSignatureOptions

Param	Type
value	boolean

jwsSignatureOptions.setB64(value)

Replace the value of the b64 field.

Kind: instance method of JwsSignatureOptions

Param	Type
value	boolean

jwsSignatureOptions.setTyp(value)

Replace the value of the typ field.

Kind: instance method of JwsSignatureOptions

Param	Type
value	string

jwsSignatureOptions.setCty(value)

Replace the value of the cty field.

Kind: instance method of JwsSignatureOptions

Param	Type
value	string

jwsSignatureOptions.serUrl(value)

Replace the value of the url field.

Kind: instance method of JwsSignatureOptions

Param	Type
value	string

jwsSignatureOptions.setNonce(value)

Replace the value of the nonce field.

Kind: instance method of JwsSignatureOptions

Param	Type
value	string

jwsSignatureOptions.setKid(value)

Replace the value of the kid field.

Kind: instance method of JwsSignatureOptions

Param	Type
value	string

jwsSignatureOptions.setDetachedPayload(value)

Replace the value of the detached_payload field.

Kind: instance method of JwsSignatureOptions

Param	Type
value	boolean

jwsSignatureOptions.setCustomHeaderParameters(value)

Add additional header parameters.

Kind: instance method of JwsSignatureOptions

Param	Type
value	Record.<string, any>

jwsSignatureOptions.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of JwsSignatureOptions

jwsSignatureOptions.clone() ⇒ JwsSignatureOptions

Deep clones the object.

Kind: instance method of JwsSignatureOptions

JwsSignatureOptions.fromJSON(json) ⇒ JwsSignatureOptions

Deserializes an instance from a JSON object.

Kind: static method of JwsSignatureOptions

Param	Type
json	any

JwsVerificationOptions

Kind: global class

• JwsVerificationOptions
  • new JwsVerificationOptions(options)
  • instance
    • .setNonce(value)
    • .setMethodScope(value)
    • .setMethodId(value)
    • .toJSON() ⇒ any
    • .clone() ⇒ JwsVerificationOptions
  • static
    • .fromJSON(json) ⇒ JwsVerificationOptions

new JwsVerificationOptions(options)

Creates a new JwsVerificationOptions from the given fields.

Param	Type
options	IJwsVerificationOptions | undefined

jwsVerificationOptions.setNonce(value)

Set the expected value for the nonce parameter of the protected header.

Kind: instance method of JwsVerificationOptions

Param	Type
value	string

jwsVerificationOptions.setMethodScope(value)

Set the scope of the verification methods that may be used to verify the given JWS.

Kind: instance method of JwsVerificationOptions

Param	Type
value	MethodScope

jwsVerificationOptions.setMethodId(value)

Set the DID URl of the method, whose JWK should be used to verify the JWS.

Kind: instance method of JwsVerificationOptions

Param	Type
value	DIDUrl

jwsVerificationOptions.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of JwsVerificationOptions

jwsVerificationOptions.clone() ⇒ JwsVerificationOptions

Deep clones the object.

Kind: instance method of JwsVerificationOptions

JwsVerificationOptions.fromJSON(json) ⇒ JwsVerificationOptions

Deserializes an instance from a JSON object.

Kind: static method of JwsVerificationOptions

Param	Type
json	any

Jwt

A wrapper around a JSON Web Token (JWK).

Kind: global class

• Jwt
  • new Jwt(jwt_string)
  • instance
    • .toString() ⇒ string
    • .toJSON() ⇒ any
    • .clone() ⇒ Jwt
  • static
    • .fromJSON(json) ⇒ Jwt

new Jwt(jwt_string)

Creates a new Jwt from the given string.

Param	Type
jwt_string	string

jwt.toString() ⇒ string

Returns a clone of the JWT string.

Kind: instance method of Jwt

jwt.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of Jwt

jwt.clone() ⇒ Jwt

Deep clones the object.

Kind: instance method of Jwt

Jwt.fromJSON(json) ⇒ Jwt

Deserializes an instance from a JSON object.

Kind: static method of Jwt

Param	Type
json	any

JwtCredentialValidationOptions

Options to declare validation criteria when validating credentials.

Kind: global class

• JwtCredentialValidationOptions
  • new JwtCredentialValidationOptions(options)
  • instance
    • .toJSON() ⇒ any
    • .clone() ⇒ JwtCredentialValidationOptions
  • static
    • .fromJSON(json) ⇒ JwtCredentialValidationOptions

new JwtCredentialValidationOptions(options)

Param	Type
options	IJwtCredentialValidationOptions | undefined

jwtCredentialValidationOptions.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of JwtCredentialValidationOptions

jwtCredentialValidationOptions.clone() ⇒ JwtCredentialValidationOptions

Deep clones the object.

Kind: instance method of JwtCredentialValidationOptions

JwtCredentialValidationOptions.fromJSON(json) ⇒ JwtCredentialValidationOptions

Deserializes an instance from a JSON object.

Kind: static method of JwtCredentialValidationOptions

Param	Type
json	any

JwtCredentialValidator

A type for decoding and validating Credential.

Kind: global class

• JwtCredentialValidator
  • new JwtCredentialValidator(signatureVerifier)
  • instance
    • .validate(credential_jwt, issuer, options, fail_fast) ⇒ DecodedJwtCredential
    • .verifySignature(credential, trustedIssuers, options) ⇒ DecodedJwtCredential
  • static
    • .checkExpiresOnOrAfter(credential, timestamp)
    • .checkIssuedOnOrBefore(credential, timestamp)
    • .checkSubjectHolderRelationship(credential, holder, relationship)
    • .checkStatus(credential, trustedIssuers, statusCheck)
    • .checkStatusWithStatusList2021(credential, status_list, status_check)
    • .extractIssuer(credential) ⇒ CoreDID
    • .extractIssuerFromJwt(credential) ⇒ CoreDID

new JwtCredentialValidator(signatureVerifier)

Creates a new JwtCredentialValidator. If a signatureVerifier is provided it will be used when verifying decoded JWS signatures, otherwise the default which is only capable of handling the EdDSA algorithm will be used.

Param	Type
signatureVerifier	IJwsVerifier

jwtCredentialValidator.validate(credential_jwt, issuer, options, fail_fast) ⇒ DecodedJwtCredential

Decodes and validates a Credential issued as a JWS. A DecodedJwtCredential is returned upon success.

The following properties are validated according to options:

• the issuer's signature on the JWS,
• the expiration date,
• the issuance date,
• the semantic structure.

Warning

The lack of an error returned from this method is in of itself not enough to conclude that the credential can be trusted. This section contains more information on additional checks that should be carried out before and after calling this method.

The state of the issuer's DID Document

The caller must ensure that issuer represents an up-to-date DID Document.

Properties that are not validated

There are many properties defined in The Verifiable Credentials Data Model that are not validated, such as: proof, credentialStatus, type, credentialSchema, refreshService and more. These should be manually checked after validation, according to your requirements.

Errors

An error is returned whenever a validated condition is not satisfied.

Kind: instance method of JwtCredentialValidator

Param	Type
credential_jwt	Jwt
issuer	CoreDocument | IToCoreDocument
options	JwtCredentialValidationOptions
fail_fast	number

jwtCredentialValidator.verifySignature(credential, trustedIssuers, options) ⇒ DecodedJwtCredential

Decode and verify the JWS signature of a Credential issued as a JWT using the DID Document of a trusted issuer.

A DecodedJwtCredential is returned upon success.

Warning

The caller must ensure that the DID Documents of the trusted issuers are up-to-date.

Proofs

Only the JWS signature is verified. If the Credential contains a proof property this will not be verified by this method.

Errors

This method immediately returns an error if the credential issuer' url cannot be parsed to a DID belonging to one of the trusted issuers. Otherwise an attempt to verify the credential's signature will be made and an error is returned upon failure.

Kind: instance method of JwtCredentialValidator

Param	Type
credential	Jwt
trustedIssuers	Array.<(CoreDocument|IToCoreDocument)>
options	JwsVerificationOptions

JwtCredentialValidator.checkExpiresOnOrAfter(credential, timestamp)

Validate that the credential expires on or after the specified timestamp.

Kind: static method of JwtCredentialValidator

Param	Type
credential	Credential
timestamp	Timestamp

JwtCredentialValidator.checkIssuedOnOrBefore(credential, timestamp)

Validate that the credential is issued on or before the specified timestamp.

Kind: static method of JwtCredentialValidator

Param	Type
credential	Credential
timestamp	Timestamp

JwtCredentialValidator.checkSubjectHolderRelationship(credential, holder, relationship)

Validate that the relationship between the holder and the credential subjects is in accordance with relationship. The holder parameter is expected to be the URL of the holder.

Kind: static method of JwtCredentialValidator

Param	Type
credential	Credential
holder	string
relationship	number

JwtCredentialValidator.checkStatus(credential, trustedIssuers, statusCheck)

Checks whether the credential status has been revoked.

Only supports RevocationBitmap2022.

Kind: static method of JwtCredentialValidator

Param	Type
credential	Credential
trustedIssuers	Array.<(CoreDocument|IToCoreDocument)>
statusCheck	number

JwtCredentialValidator.checkStatusWithStatusList2021(credential, status_list, status_check)

Checks wheter the credential status has been revoked using StatusList2021.

Kind: static method of JwtCredentialValidator

Param	Type
credential	Credential
status_list	StatusList2021Credential
status_check	number

JwtCredentialValidator.extractIssuer(credential) ⇒ CoreDID

Utility for extracting the issuer field of a Credential as a DID.

Errors

Fails if the issuer field is not a valid DID.

Kind: static method of JwtCredentialValidator

Param	Type
credential	Credential

JwtCredentialValidator.extractIssuerFromJwt(credential) ⇒ CoreDID

Utility for extracting the issuer field of a credential in JWT representation as DID.

Errors

If the JWT decoding fails or the issuer field is not a valid DID.

Kind: static method of JwtCredentialValidator

Param	Type
credential	Jwt

JwtDomainLinkageValidator

A validator for a Domain Linkage Configuration and Credentials.

Kind: global class

• JwtDomainLinkageValidator
  • new JwtDomainLinkageValidator(signatureVerifier)
  • .validateLinkage(issuer, configuration, domain, options)
  • .validateCredential(issuer, credentialJwt, domain, options)

new JwtDomainLinkageValidator(signatureVerifier)

Creates a new JwtDomainLinkageValidator. If a signatureVerifier is provided it will be used when verifying decoded JWS signatures, otherwise the default which is only capable of handling the EdDSA algorithm will be used.

Param	Type
signatureVerifier	IJwsVerifier

jwtDomainLinkageValidator.validateLinkage(issuer, configuration, domain, options)

Validates the linkage between a domain and a DID. DomainLinkageConfiguration is validated according to DID Configuration Resource Verification.

Linkage is valid if no error is thrown.

Note:

• Only the JSON Web Token Proof Format is supported.
• Only the Credential issued by issuer is verified.

Errors

• Semantic structure of configuration is invalid.
• configuration includes multiple credentials issued by issuer.
• Validation of the matched Domain Linkage Credential fails.

Kind: instance method of JwtDomainLinkageValidator

Param	Type
issuer	CoreDocument | IToCoreDocument
configuration	DomainLinkageConfiguration
domain	string
options	JwtCredentialValidationOptions

jwtDomainLinkageValidator.validateCredential(issuer, credentialJwt, domain, options)

Validates a Domain Linkage Credential.

Error will be thrown in case the validation fails.

Kind: instance method of JwtDomainLinkageValidator

Param	Type
issuer	CoreDocument | IToCoreDocument
credentialJwt	Jwt
domain	string
options	JwtCredentialValidationOptions

JwtPresentationOptions

Kind: global class

• JwtPresentationOptions
  • new JwtPresentationOptions(options)
  • instance
    • .toJSON() ⇒ any
    • .clone() ⇒ JwtPresentationOptions
  • static
    • .fromJSON(json) ⇒ JwtPresentationOptions

new JwtPresentationOptions(options)

Creates a new JwtPresentationOptions from the given fields.

Throws an error if any of the options are invalid.

Param	Type
options	IJwtPresentationOptions | undefined

jwtPresentationOptions.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of JwtPresentationOptions

jwtPresentationOptions.clone() ⇒ JwtPresentationOptions

Deep clones the object.

Kind: instance method of JwtPresentationOptions

JwtPresentationOptions.fromJSON(json) ⇒ JwtPresentationOptions

Deserializes an instance from a JSON object.

Kind: static method of JwtPresentationOptions

Param	Type
json	any

JwtPresentationValidationOptions

Options to declare validation criteria when validating presentation.

Kind: global class

• JwtPresentationValidationOptions
  • new JwtPresentationValidationOptions(options)
  • instance
    • .toJSON() ⇒ any
    • .clone() ⇒ JwtPresentationValidationOptions
  • static
    • .fromJSON(json) ⇒ JwtPresentationValidationOptions

new JwtPresentationValidationOptions(options)

Creates a new JwtPresentationValidationOptions from the given fields.

Throws an error if any of the options are invalid.

Param	Type
options	IJwtPresentationValidationOptions | undefined

jwtPresentationValidationOptions.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of JwtPresentationValidationOptions

jwtPresentationValidationOptions.clone() ⇒ JwtPresentationValidationOptions

Deep clones the object.

Kind: instance method of JwtPresentationValidationOptions

JwtPresentationValidationOptions.fromJSON(json) ⇒ JwtPresentationValidationOptions

Deserializes an instance from a JSON object.

Kind: static method of JwtPresentationValidationOptions

Param	Type
json	any

JwtPresentationValidator

Kind: global class

• JwtPresentationValidator
  • new JwtPresentationValidator(signatureVerifier)
  • instance
    • .validate(presentationJwt, holder, validation_options) ⇒ DecodedJwtPresentation
  • static
    • .checkStructure(presentation)
    • .extractHolder(presentation) ⇒ CoreDID

new JwtPresentationValidator(signatureVerifier)

Creates a new JwtPresentationValidator. If a signatureVerifier is provided it will be used when verifying decoded JWS signatures, otherwise the default which is only capable of handling the EdDSA algorithm will be used.

Param	Type
signatureVerifier	IJwsVerifier

jwtPresentationValidator.validate(presentationJwt, holder, validation_options) ⇒ DecodedJwtPresentation

Validates a Presentation encoded as a Jwt.

The following properties are validated according to options:

• the JWT can be decoded into a semantically valid presentation.
• the expiration and issuance date contained in the JWT claims.
• the holder's signature.

Validation is done with respect to the properties set in options.

Warning

• This method does NOT validate the constituent credentials and therefore also not the relationship between the credentials' subjects and the presentation holder. This can be done with JwtCredentialValidationOptions.
• The lack of an error returned from this method is in of itself not enough to conclude that the presentation can be trusted. This section contains more information on additional checks that should be carried out before and after calling this method.

The state of the supplied DID Documents.

The caller must ensure that the DID Documents in holder are up-to-date.

Errors

An error is returned whenever a validated condition is not satisfied or when decoding fails.

Kind: instance method of JwtPresentationValidator

Param	Type
presentationJwt	Jwt
holder	CoreDocument | IToCoreDocument
validation_options	JwtPresentationValidationOptions

JwtPresentationValidator.checkStructure(presentation)

Validates the semantic structure of the Presentation.

Kind: static method of JwtPresentationValidator

Param	Type
presentation	Presentation

JwtPresentationValidator.extractHolder(presentation) ⇒ CoreDID

Attempt to extract the holder of the presentation.

Errors:

• If deserialization/decoding of the presentation fails.
• If the holder can't be parsed as DIDs.

Kind: static method of JwtPresentationValidator

Param	Type
presentation	Jwt

KeyBindingJWTValidationOptions

Options to declare validation criteria when validating credentials.

Kind: global class

• KeyBindingJWTValidationOptions
  • new KeyBindingJWTValidationOptions(options)
  • instance
    • .toJSON() ⇒ any
    • .clone() ⇒ KeyBindingJWTValidationOptions
  • static
    • .fromJSON(json) ⇒ KeyBindingJWTValidationOptions

new KeyBindingJWTValidationOptions(options)

Param	Type
options	IKeyBindingJWTValidationOptions | undefined

keyBindingJWTValidationOptions.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of KeyBindingJWTValidationOptions

keyBindingJWTValidationOptions.clone() ⇒ KeyBindingJWTValidationOptions

Deep clones the object.

Kind: instance method of KeyBindingJWTValidationOptions

KeyBindingJWTValidationOptions.fromJSON(json) ⇒ KeyBindingJWTValidationOptions

Deserializes an instance from a JSON object.

Kind: static method of KeyBindingJWTValidationOptions

Param	Type
json	any

KeyBindingJwtClaims

Claims set for key binding JWT.

Kind: global class

• KeyBindingJwtClaims
  • new KeyBindingJwtClaims(jwt, disclosures, nonce, aud, issued_at, custom_properties)
  • instance
    • .toString() ⇒ string
    • .iat() ⇒ bigint
    • .aud() ⇒ string
    • .nonce() ⇒ string
    • .sdHash() ⇒ string
    • .customProperties() ⇒ Record.<string, any>
    • .toJSON() ⇒ any
    • .clone() ⇒ KeyBindingJwtClaims
  • static
    • .keyBindingJwtHeaderTyp() ⇒ string
    • .fromJSON(json) ⇒ KeyBindingJwtClaims

new KeyBindingJwtClaims(jwt, disclosures, nonce, aud, issued_at, custom_properties)

Creates a new [KeyBindingJwtClaims]. When issued_at is left as None, it will automatically default to the current time.

Error

When issued_at is set to None and the system returns time earlier than SystemTime::UNIX_EPOCH.

Param	Type
jwt	string
disclosures	Array.<string>
nonce	string
aud	string
issued_at	Timestamp | undefined
custom_properties	Record.<string, any> | undefined

keyBindingJwtClaims.toString() ⇒ string

Returns a string representation of the claims.

Kind: instance method of KeyBindingJwtClaims

keyBindingJwtClaims.iat() ⇒ bigint

Returns a copy of the issued at iat property.

Kind: instance method of KeyBindingJwtClaims

keyBindingJwtClaims.aud() ⇒ string

Returns a copy of the audience aud property.

Kind: instance method of KeyBindingJwtClaims

keyBindingJwtClaims.nonce() ⇒ string

Returns a copy of the nonce property.

Kind: instance method of KeyBindingJwtClaims

keyBindingJwtClaims.sdHash() ⇒ string

Returns a copy of the sd_hash property.

Kind: instance method of KeyBindingJwtClaims

keyBindingJwtClaims.customProperties() ⇒ Record.<string, any>

Returns a copy of the custom properties.

Kind: instance method of KeyBindingJwtClaims

keyBindingJwtClaims.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of KeyBindingJwtClaims

keyBindingJwtClaims.clone() ⇒ KeyBindingJwtClaims

Deep clones the object.

Kind: instance method of KeyBindingJwtClaims

KeyBindingJwtClaims.keyBindingJwtHeaderTyp() ⇒ string

Returns the value of the typ property of the JWT header according to https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-07.html#name-key-binding-jwt

Kind: static method of KeyBindingJwtClaims

KeyBindingJwtClaims.fromJSON(json) ⇒ KeyBindingJwtClaims

Deserializes an instance from a JSON object.

Kind: static method of KeyBindingJwtClaims

Param	Type
json	any

LinkedDomainService

Kind: global class

• LinkedDomainService
  • new LinkedDomainService(options)
  • instance
    • .domains() ⇒ Array.<string>
    • .toService() ⇒ Service
    • .clone() ⇒ LinkedDomainService
  • static
    • .fromService(service) ⇒ LinkedDomainService
    • .isValid(service) ⇒ boolean

new LinkedDomainService(options)

Constructs a new LinkedDomainService that wraps a spec compliant Linked Domain Service Endpoint.

Domain URLs must include the https scheme in order to pass the domain linkage validation.

Param	Type
options	ILinkedDomainService

linkedDomainService.domains() ⇒ Array.<string>

Returns the domains contained in the Linked Domain Service.

Kind: instance method of LinkedDomainService

linkedDomainService.toService() ⇒ Service

Returns the inner service which can be added to a DID Document.

Kind: instance method of LinkedDomainService

linkedDomainService.clone() ⇒ LinkedDomainService

Deep clones the object.

Kind: instance method of LinkedDomainService

LinkedDomainService.fromService(service) ⇒ LinkedDomainService

Creates a new LinkedDomainService from a Service.

Error

Errors if service is not a valid Linked Domain Service.

Kind: static method of LinkedDomainService

Param	Type
service	Service

LinkedDomainService.isValid(service) ⇒ boolean

Returns true if a Service is a valid Linked Domain Service.

Kind: static method of LinkedDomainService

Param	Type
service	Service

MethodData

Supported verification method data formats.

Kind: global class

• MethodData
  • instance
    • .tryCustom() ⇒ CustomMethodData
    • .tryDecode() ⇒ Uint8Array
    • .tryPublicKeyJwk() ⇒ Jwk
    • .toJSON() ⇒ any
    • .clone() ⇒ MethodData
  • static
    • .newBase58(data) ⇒ MethodData
    • .newMultibase(data) ⇒ MethodData
    • .newJwk(key) ⇒ MethodData
    • .newCustom(name, data) ⇒ MethodData
    • .fromJSON(json) ⇒ MethodData

methodData.tryCustom() ⇒ CustomMethodData

Returns the wrapped custom method data format is Custom.

Kind: instance method of MethodData

methodData.tryDecode() ⇒ Uint8Array

Returns a Uint8Array containing the decoded bytes of the MethodData.

This is generally a public key identified by a MethodData value.

Errors

Decoding can fail if MethodData has invalid content or cannot be represented as a vector of bytes.

Kind: instance method of MethodData

methodData.tryPublicKeyJwk() ⇒ Jwk

Returns the wrapped Jwk if the format is PublicKeyJwk.

Kind: instance method of MethodData

methodData.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of MethodData

methodData.clone() ⇒ MethodData

Deep clones the object.

Kind: instance method of MethodData

MethodData.newBase58(data) ⇒ MethodData

Creates a new MethodData variant with Base58-BTC encoded content.

Kind: static method of MethodData

Param	Type
data	Uint8Array

MethodData.newMultibase(data) ⇒ MethodData

Creates a new MethodData variant with Multibase-encoded content.

Kind: static method of MethodData

Param	Type
data	Uint8Array

MethodData.newJwk(key) ⇒ MethodData

Creates a new MethodData variant consisting of the given key.

Errors

An error is thrown if the given key contains any private components.

Kind: static method of MethodData

Param	Type
key	Jwk

MethodData.newCustom(name, data) ⇒ MethodData

Creates a new custom MethodData.

Kind: static method of MethodData

Param	Type
name	string
data	any

MethodData.fromJSON(json) ⇒ MethodData

Deserializes an instance from a JSON object.

Kind: static method of MethodData

Param	Type
json	any

MethodDigest

Unique identifier of a VerificationMethod.

NOTE: This class does not have a JSON representation, use the methods pack and unpack instead.

Kind: global class

• MethodDigest
  • new MethodDigest(verification_method)
  • instance
    • .pack() ⇒ Uint8Array
    • .clone() ⇒ MethodDigest
  • static
    • .unpack(bytes) ⇒ MethodDigest

new MethodDigest(verification_method)

Param	Type
verification_method	VerificationMethod

methodDigest.pack() ⇒ Uint8Array

Packs MethodDigest into bytes.

Kind: instance method of MethodDigest

methodDigest.clone() ⇒ MethodDigest

Deep clones the object.

Kind: instance method of MethodDigest

MethodDigest.unpack(bytes) ⇒ MethodDigest

Unpacks bytes into MethodDigest.

Kind: static method of MethodDigest

Param	Type
bytes	Uint8Array

MethodScope

Supported verification method types.

Kind: global class

• MethodScope
  • instance
    • .toString() ⇒ string
    • .toJSON() ⇒ any
    • .clone() ⇒ MethodScope
  • static
    • .VerificationMethod() ⇒ MethodScope
    • .Authentication() ⇒ MethodScope
    • .AssertionMethod() ⇒ MethodScope
    • .KeyAgreement() ⇒ MethodScope
    • .CapabilityDelegation() ⇒ MethodScope
    • .CapabilityInvocation() ⇒ MethodScope
    • .fromJSON(json) ⇒ MethodScope

methodScope.toString() ⇒ string

Returns the MethodScope as a string.

Kind: instance method of MethodScope

methodScope.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of MethodScope

methodScope.clone() ⇒ MethodScope

Deep clones the object.

Kind: instance method of MethodScope

MethodScope.VerificationMethod() ⇒ MethodScope

Kind: static method of MethodScope

MethodScope.Authentication() ⇒ MethodScope

Kind: static method of MethodScope

MethodScope.AssertionMethod() ⇒ MethodScope

Kind: static method of MethodScope

MethodScope.KeyAgreement() ⇒ MethodScope

Kind: static method of MethodScope

MethodScope.CapabilityDelegation() ⇒ MethodScope

Kind: static method of MethodScope

MethodScope.CapabilityInvocation() ⇒ MethodScope

Kind: static method of MethodScope

MethodScope.fromJSON(json) ⇒ MethodScope

Deserializes an instance from a JSON object.

Kind: static method of MethodScope

Param	Type
json	any

MethodType

Supported verification method types.

Kind: global class

• MethodType
  • instance
    • .toString() ⇒ string
    • .toJSON() ⇒ any
    • .clone() ⇒ MethodType
  • static
    • .Ed25519VerificationKey2018() ⇒ MethodType
    • .X25519KeyAgreementKey2019() ⇒ MethodType
    • .JsonWebKey() ⇒ MethodType
    • .custom(type_) ⇒ MethodType
    • .fromJSON(json) ⇒ MethodType

methodType.toString() ⇒ string

Returns the MethodType as a string.

Kind: instance method of MethodType

methodType.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of MethodType

methodType.clone() ⇒ MethodType

Deep clones the object.

Kind: instance method of MethodType

MethodType.Ed25519VerificationKey2018() ⇒ MethodType

Kind: static method of MethodType

MethodType.X25519KeyAgreementKey2019() ⇒ MethodType

Kind: static method of MethodType

MethodType.JsonWebKey() ⇒ MethodType

A verification method for use with JWT verification as prescribed by the Jwk in the publicKeyJwk entry.

Kind: static method of MethodType

MethodType.custom(type_) ⇒ MethodType

A custom method.

Kind: static method of MethodType

Param	Type
type_	string

MethodType.fromJSON(json) ⇒ MethodType

Deserializes an instance from a JSON object.

Kind: static method of MethodType

Param	Type
json	any

Presentation

Kind: global class

• Presentation
  • new Presentation(values)
  • instance
    • .context() ⇒ Array.<(string|Record.<string, any>)>
    • .id() ⇒ string | undefined
    • .type() ⇒ Array.<string>
    • .verifiableCredential() ⇒ Array.<UnknownCredential>
    • .holder() ⇒ string
    • .refreshService() ⇒ Array.<RefreshService>
    • .termsOfUse() ⇒ Array.<Policy>
    • .proof() ⇒ Proof | undefined
    • .setProof(proof)
    • .properties() ⇒ Map.<string, any>
    • .toJSON() ⇒ any
    • .clone() ⇒ Presentation
  • static
    • .BaseContext() ⇒ string
    • .BaseType() ⇒ string
    • .fromJSON(json) ⇒ Presentation

new Presentation(values)

Constructs a new presentation.

Param	Type
values	IPresentation

presentation.context() ⇒ Array.<(string|Record.<string, any>)>

Returns a copy of the JSON-LD context(s) applicable to the presentation.

Kind: instance method of Presentation

presentation.id() ⇒ string | undefined

Returns a copy of the unique URI identifying the presentation.

Kind: instance method of Presentation

presentation.type() ⇒ Array.<string>

Returns a copy of the URIs defining the type of the presentation.

Kind: instance method of Presentation

presentation.verifiableCredential() ⇒ Array.<UnknownCredential>

Returns the JWT credentials expressing the claims of the presentation.

Kind: instance method of Presentation

presentation.holder() ⇒ string

Returns a copy of the URI of the entity that generated the presentation.

Kind: instance method of Presentation

presentation.refreshService() ⇒ Array.<RefreshService>

Returns a copy of the service(s) used to refresh an expired Credential in the presentation.

Kind: instance method of Presentation

presentation.termsOfUse() ⇒ Array.<Policy>

Returns a copy of the terms-of-use specified by the presentation holder

Kind: instance method of Presentation

presentation.proof() ⇒ Proof | undefined

Optional cryptographic proof, unrelated to JWT.

Kind: instance method of Presentation

presentation.setProof(proof)

Sets the proof property of the Presentation.

Note that this proof is not related to JWT.

Kind: instance method of Presentation

Param	Type
proof	Proof | undefined

presentation.properties() ⇒ Map.<string, any>

Returns a copy of the miscellaneous properties on the presentation.

Kind: instance method of Presentation

presentation.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of Presentation

presentation.clone() ⇒ Presentation

Deep clones the object.

Kind: instance method of Presentation

Presentation.BaseContext() ⇒ string

Returns the base JSON-LD context.

Kind: static method of Presentation

Presentation.BaseType() ⇒ string

Returns the base type.

Kind: static method of Presentation

Presentation.fromJSON(json) ⇒ Presentation

Deserializes an instance from a JSON object.

Kind: static method of Presentation

Param	Type
json	any

Proof

Represents a cryptographic proof that can be used to validate verifiable credentials and presentations.

This representation does not inherently implement any standard; instead, it can be utilized to implement standards or user-defined proofs. The presence of the type field is necessary to accommodate different types of cryptographic proofs.

Note that this proof is not related to JWT and can be used in combination or as an alternative to it.

Kind: global class

• Proof
  • new Proof(type_, properties)
  • instance
    • .type() ⇒ string
    • .properties() ⇒ any
    • .toJSON() ⇒ any
    • .clone() ⇒ Proof
  • static
    • .fromJSON(json) ⇒ Proof

new Proof(type_, properties)

Param	Type
type_	string
properties	any

proof.type() ⇒ string

Returns the type of proof.

Kind: instance method of Proof

proof.properties() ⇒ any

Returns the properties of the proof.

Kind: instance method of Proof

proof.toJSON() ⇒ any

Serializes this to a JSON object.

Kind: instance method of Proof

proof.clone() ⇒ Proof

Deep clones the object.

Kind: instance method of Proof

Proof.fromJSON(json) ⇒ Proof

Deserializes an instance from a JSON object.

Kind: static method of Proof

Param	Type
json	any

Resolver

Convenience type for resolving DID documents from different DID methods.

Also provides methods for resolving DID Documents associated with verifiable Credentials and Presentations.

Configuration

The resolver will only be able to resolve DID documents for methods it has been configured for in the constructor.

Kind: global class

• Resolver
  • new Resolver(config)
  • .resolve(did) ⇒ Promise.<(CoreDocument|IToCoreDocument)>
  • .resolveMultiple(dids) ⇒ Promise.<Array.<(CoreDocument|IToCoreDocument)>>

new Resolver(config)

Constructs a new Resolver.

Errors

If both a client is given and the handlers map contains the "iota" key the construction process will throw an error because the handler for the "iota" method then becomes ambiguous.

Param	Type
config	ResolverConfig

resolver.resolve(did) ⇒ Promise.<(CoreDocument|IToCoreDocument)>

Fetches the DID Document of the given DID.

Errors

Errors if the resolver has not been configured to handle the method corresponding to the given DID or the resolution process itself fails.

Kind: instance method of Resolver

Param	Type
did	string

resolver.resolveMultiple(dids) ⇒ Promise.<Array.<(CoreDocument|IToCoreDocument)>>

Concurrently fetches the DID Documents of the multiple given DIDs.

Errors

• If the resolver has not been configured to handle the method of any of the given DIDs.
• If the resolution process of any DID fails.

Note

• The order of the documents in the returned array matches that in dids.
• If dids contains duplicates, these will be resolved only once and the resolved document is copied into the returned array to match the order of dids.

Kind: instance method of Resolver

Param	Type
dids	Array.<string>

RevocationBitmap

A compressed bitmap for managing credential revocation.

Kind: global class

• RevocationBitmap
  • new RevocationBitmap()
  • instance
    • .isRevoked(index) ⇒ boolean
    • .revoke(index) ⇒ boolean
    • .unrevoke(index) ⇒ boolean
    • .len() ⇒ number
    • .toService(serviceId) ⇒ Service
  • static
    • .type() ⇒ string
    • .fromEndpoint(service) ⇒ RevocationBitmap

new RevocationBitmap()

Creates a new RevocationBitmap instance.

revocationBitmap.isRevoked(index) ⇒ boolean

Returns true if the credential at the given index is revoked.

Kind: instance method of RevocationBitmap

Param	Type
index	number

revocationBitmap.revoke(index) ⇒ boolean

Mark the given index as revoked.

Returns true if the index was absent from the set.

Kind: instance method of RevocationBitmap

Param	Type
index	number

revocationBitmap.unrevoke(index) ⇒ boolean

Mark the index as not revoked.

Returns true if the index was present in the set.

Kind: instance method of RevocationBitmap

Param	Type
index	number

revocationBitmap.len() ⇒ number

Returns the number of revoked credentials.

Kind: instance method of RevocationBitmap

revocationBitmap.toService(serviceId) ⇒ Service

Return a Service with:

• the service's id set to serviceId,
• of type RevocationBitmap2022,
• and with the bitmap embedded in a data url in the service's endpoint.

Kind: instance method of RevocationBitmap

Param	Type
serviceId	DIDUrl

RevocationBitmap.type() ⇒ string

The name of the service type.

Kind: static method of RevocationBitmap

RevocationBitmap.fromEndpoint(service) ⇒ RevocationBitmap

Try to construct a RevocationBitmap from a service if it is a valid Revocation Bitmap Service.

Kind: static method of RevocationBitmap

Param	Type
service	Service

SdJwt

Representation of an SD-JWT of the format <Issuer-signed JWT>~<Disclosure 1>~<Disclosure 2>~...~<Disclosure N>~<optional KB-JWT>.

Kind: global class

• SdJwt
  • new SdJwt(jwt, disclosures, key_binding_jwt)
  • instance
    • .presentation() ⇒ string
    • .toString() ⇒ string
    • .jwt() ⇒ string
    • .disclosures() ⇒ Array.<string>
    • .keyBindingJwt() ⇒ string | undefined
    • .clone() ⇒ SdJwt
  • static
    • .parse(sd_jwt) ⇒ SdJwt

new SdJwt(jwt, disclosures, key_binding_jwt)

Creates a new SdJwt from its components.

Param	Type
jwt	string
disclosures	Array.<string>
key_binding_jwt	string | undefined

sdJwt.presentation() ⇒ string

Serializes the components into the final SD-JWT.

Kind: instance method of SdJwt

sdJwt.toString() ⇒ string

Serializes the components into the final SD-JWT.

Kind: instance method of SdJwt

sdJwt.jwt() ⇒ string

The JWT part.

Kind: instance method of SdJwt

sdJwt.disclosures() ⇒ Array.<string>

The disclosures part.

Kind: instance method of SdJwt

sdJwt.keyBindingJwt() ⇒ string | undefined

The optional key binding JWT.

Kind: instance method of SdJwt

sdJwt.clone() ⇒ SdJwt

Deep clones the object.

Kind: instance method of SdJwt

SdJwt.parse(sd_jwt) ⇒ SdJwt

Parses an SD-JWT into its components as [SdJwt].

Error

Returns DeserializationError if parsing fails.

Kind: static method of SdJwt

Param	Type
sd_jwt	string

SdJwtCredentialValidator

A type for decoding and validating Credential.

Kind: global class

• SdJwtCredentialValidator
  • new SdJwtCredentialValidator(signatureVerifier)
  • .validateCredential(sd_jwt, issuer, options, fail_fast) ⇒ DecodedJwtCredential
  • .verifySignature(credential, trustedIssuers, options) ⇒ DecodedJwtCredential
  • .validateKeyBindingJwt(sdJwt, holder, options) ⇒ KeyBindingJwtClaims

new SdJwtCredentialValidator(signatureVerifier)

Creates a new SdJwtCredentialValidator. If a signatureVerifier is provided it will be used when verifying decoded JWS signatures, otherwise the default which is only capable of handling the EdDSA algorithm will be used.

Param	Type
signatureVerifier	IJwsVerifier

sdJwtCredentialValidator.validateCredential(sd_jwt, issuer, options, fail_fast) ⇒ DecodedJwtCredential

Decodes and validates a Credential issued as an SD-JWT. A DecodedJwtCredential is returned upon success. The credential is constructed by replacing disclosures following the Selective Disclosure for JWTs (SD-JWT) standard.

The following properties are validated according to options:

• the issuer's signature on the JWS,
• the expiration date,
• the issuance date,
• the semantic structure.

Warning

• The key binding JWT is not validated. If needed, it must be validated separately using SdJwtValidator::validate_key_binding_jwt.
• The lack of an error returned from this method is in of itself not enough to conclude that the credential can be trusted. This section contains more information on additional checks that should be carried out before and after calling this method.

The state of the issuer's DID Document

The caller must ensure that issuer represents an up-to-date DID Document.

Properties that are not validated

There are many properties defined in The Verifiable Credentials Data Model that are not validated, such as: proof, credentialStatus, type, credentialSchema, refreshService and more. These should be manually checked after validation, according to your requirements.

Errors

An error is returned whenever a validated condition is not satisfied.

Kind: instance method of SdJwtCredentialValidator

Param	Type
sd_jwt	SdJwt
issuer	CoreDocument | IToCoreDocument
options	JwtCredentialValidationOptions
fail_fast	number

sdJwtCredentialValidator.verifySignature(credential, trustedIssuers, options) ⇒ DecodedJwtCredential

Decode and verify the JWS signature of a Credential issued as an SD-JWT using the DID Document of a trusted issuer and replaces the disclosures.

A DecodedJwtCredential is returned upon success.

Warning

The caller must ensure that the DID Documents of the trusted issuers are up-to-date.

Proofs

Only the JWS signature is verified. If the Credential contains a proof property this will not be verified by this method.

Errors

• If the issuer' URL cannot be parsed.
• If Signature verification fails.
• If SD decoding fails.

Kind: instance method of SdJwtCredentialValidator

Param	Type
credential	SdJwt
trustedIssuers	Array.<(CoreDocument|IToCoreDocument)>
options	JwsVerificationOptions

sdJwtCredentialValidator.validateKeyBindingJwt(sdJwt, holder, options) ⇒ KeyBindingJwtClaims

Validates a Key Binding JWT (KB-JWT) according to https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-07.html#name-key-binding-jwt. The Validation process includes:

• Signature validation using public key materials defined in the holder document.
• typ value in KB-JWT header.
• sd_hash claim value in the KB-JWT claim.
• Optional nonce, aud and issuance date validation.

Kind: instance method of SdJwtCredentialValidator

Param	Type
sdJwt	SdJwt
holder	CoreDocument | IToCoreDocument
options	KeyBindingJWTValidationOptions

SdObjectDecoder

Substitutes digests in an SD-JWT object by their corresponding plaintext values provided by disclosures.

Kind: global class

• SdObjectDecoder
  • new SdObjectDecoder()
  • .decode(object, disclosures) ⇒ Record.<string, any>

new SdObjectDecoder()

Creates a new SdObjectDecoder with sha-256 hasher.

sdObjectDecoder.decode(object, disclosures) ⇒ Record.<string, any>

Decodes an SD-JWT object containing by Substituting the digests with their corresponding plaintext values provided by disclosures.

Notes

• Claims like exp or iat are not validated in the process of decoding.
• _sd_alg property will be removed if present.

Kind: instance method of SdObjectDecoder

Param	Type
object	Record.<string, any>
disclosures	Array.<string>

SdObjectEncoder

Transforms a JSON object into an SD-JWT object by substituting selected values with their corresponding disclosure digests.

Note: digests are created using the sha-256 algorithm.

Kind: global class

• SdObjectEncoder
  • new SdObjectEncoder(object)
  • .conceal(path, salt) ⇒ Disclosure
  • .addSdAlgProperty()
  • .encodeToString() ⇒ string
  • .toString() ⇒ string
  • .encodeToObject() ⇒ Record.<string, any>
  • .toJSON() ⇒ any
  • .addDecoys(path, number_of_decoys)

new SdObjectEncoder(object)

Creates a new SdObjectEncoder with sha-256 hash function.

Param	Type
object	any

sdObjectEncoder.conceal(path, salt) ⇒ Disclosure

Substitutes a value with the digest of its disclosure. If no salt is provided, the disclosure will be created with a random salt value.

path indicates the pointer to the value that will be concealed using the syntax of JSON pointer.

For the following object:

{
 "id": "did:value",
 "claim1": {
    "abc": true
 },
 "claim2": ["val_1", "val_2"]
}

Path "/id" conceals "id": "did:value" Path "/claim1/abc" conceals "abc": true Path "/claim2/0" conceals val_1

## Errors
* `InvalidPath` if pointer is invalid.
* `DataTypeMismatch` if existing SD format is invalid.

**Kind**: instance method of [<code>SdObjectEncoder</code>](#SdObjectEncoder)  

| Param | Type |
| --- | --- |
| path | <code>string</code> | 
| salt | <code>string</code> \| <code>undefined</code> | 

<a name="SdObjectEncoder+addSdAlgProperty"></a>

### sdObjectEncoder.addSdAlgProperty()
Adds the `_sd_alg` property to the top level of the object, with
its value set to "sha-256".

**Kind**: instance method of [<code>SdObjectEncoder</code>](#SdObjectEncoder)  
<a name="SdObjectEncoder+encodeToString"></a>

### sdObjectEncoder.encodeToString() ⇒ <code>string</code>
Returns the modified object as a string.

**Kind**: instance method of [<code>SdObjectEncoder</code>](#SdObjectEncoder)  
<a name="SdObjectEncoder+toString"></a>

### sdObjectEncoder.toString() ⇒ <code>string</code>
Returns the modified object as a string.

**Kind**: instance method of [<code>SdObjectEncoder</code>](#SdObjectEncoder)  
<a name="SdObjectEncoder+encodeToObject"></a>

### sdObjectEncoder.encodeToObject() ⇒ <code>Record.&lt;string, any&gt;</code>
Returns the modified object.

**Kind**: instance method of [<code>SdObjectEncoder</code>](#SdObjectEncoder)  
<a name="SdObjectEncoder+toJSON"></a>

### sdObjectEncoder.toJSON() ⇒ <code>any</code>
Returns the modified object.

**Kind**: instance method of [<code>SdObjectEncoder</code>](#SdObjectEncoder)  
<a name="SdObjectEncoder+addDecoys"></a>

### sdObjectEncoder.addDecoys(path, number_of_decoys)
Adds a decoy digest to the specified path.
If path is an empty slice, decoys will be added to the top level.

**Kind**: instance method of [<code>SdObjectEncoder</code>](#SdObjectEncoder)  

| Param | Type |
| --- | --- |
| path | <code>string</code> | 
| number_of_decoys | <code>number</code> | 

<a name="Service"></a>

## Service
A DID Document Service used to enable trusted interactions associated with a DID subject.

**Kind**: global class  

* [Service](#Service)
    * [new Service(service)](#new_Service_new)
    * _instance_
        * [.id()](#Service+id) ⇒ [<code>DIDUrl</code>](#DIDUrl)
        * [.type()](#Service+type) ⇒ <code>Array.&lt;string&gt;</code>
        * [.serviceEndpoint()](#Service+serviceEndpoint) ⇒ <code>string</code> \| <code>Array.&lt;string&gt;</code> \| <code>Map.&lt;string, Array.&lt;string&gt;&gt;</code>
        * [.properties()](#Service+properties) ⇒ <code>Map.&lt;string, any&gt;</code>
        * [.toJSON()](#Service+toJSON) ⇒ <code>any</code>
        * [.clone()](#Service+clone) ⇒ [<code>Service</code>](#Service)
    * _static_
        * [.fromJSON(json)](#Service.fromJSON) ⇒ [<code>Service</code>](#Service)

<a name="new_Service_new"></a>

### new Service(service)

| Param | Type |
| --- | --- |
| service | <code>IService</code> | 

<a name="Service+id"></a>

### service.id() ⇒ [<code>DIDUrl</code>](#DIDUrl)
Returns a copy of the [Service](#Service) id.

**Kind**: instance method of [<code>Service</code>](#Service)  
<a name="Service+type"></a>

### service.type() ⇒ <code>Array.&lt;string&gt;</code>
Returns a copy of the [Service](#Service) type.

**Kind**: instance method of [<code>Service</code>](#Service)  
<a name="Service+serviceEndpoint"></a>

### service.serviceEndpoint() ⇒ <code>string</code> \| <code>Array.&lt;string&gt;</code> \| <code>Map.&lt;string, Array.&lt;string&gt;&gt;</code>
Returns a copy of the [Service](#Service) endpoint.

**Kind**: instance method of [<code>Service</code>](#Service)  
<a name="Service+properties"></a>

### service.properties() ⇒ <code>Map.&lt;string, any&gt;</code>
Returns a copy of the custom properties on the [Service](#Service).

**Kind**: instance method of [<code>Service</code>](#Service)  
<a name="Service+toJSON"></a>

### service.toJSON() ⇒ <code>any</code>
Serializes this to a JSON object.

**Kind**: instance method of [<code>Service</code>](#Service)  
<a name="Service+clone"></a>

### service.clone() ⇒ [<code>Service</code>](#Service)
Deep clones the object.

**Kind**: instance method of [<code>Service</code>](#Service)  
<a name="Service.fromJSON"></a>

### Service.fromJSON(json) ⇒ [<code>Service</code>](#Service)
Deserializes an instance from a JSON object.

**Kind**: static method of [<code>Service</code>](#Service)  

| Param | Type |
| --- | --- |
| json | <code>any</code> | 

<a name="StatusList2021"></a>

## StatusList2021
StatusList2021 data structure as described in [W3C's VC status list 2021](https://www.w3.org/TR/2023/WD-vc-status-list-20230427/).

**Kind**: global class  

* [StatusList2021](#StatusList2021)
    * [new StatusList2021(size)](#new_StatusList2021_new)
    * _instance_
        * [.clone()](#StatusList2021+clone) ⇒ [<code>StatusList2021</code>](#StatusList2021)
        * [.len()](#StatusList2021+len) ⇒ <code>number</code>
        * [.get(index)](#StatusList2021+get) ⇒ <code>boolean</code>
        * [.set(index, value)](#StatusList2021+set)
        * [.intoEncodedStr()](#StatusList2021+intoEncodedStr) ⇒ <code>string</code>
    * _static_
        * [.fromEncodedStr(s)](#StatusList2021.fromEncodedStr) ⇒ [<code>StatusList2021</code>](#StatusList2021)

<a name="new_StatusList2021_new"></a>

### new StatusList2021(size)
Creates a new [StatusList2021](#StatusList2021) of `size` entries.


| Param | Type |
| --- | --- |
| size | <code>number</code> \| <code>undefined</code> | 

<a name="StatusList2021+clone"></a>

### statusList2021.clone() ⇒ [<code>StatusList2021</code>](#StatusList2021)
Deep clones the object.

**Kind**: instance method of [<code>StatusList2021</code>](#StatusList2021)  
<a name="StatusList2021+len"></a>

### statusList2021.len() ⇒ <code>number</code>
Returns the number of entries in this [StatusList2021](#StatusList2021).

**Kind**: instance method of [<code>StatusList2021</code>](#StatusList2021)  
<a name="StatusList2021+get"></a>

### statusList2021.get(index) ⇒ <code>boolean</code>
Returns whether the entry at `index` is set.

**Kind**: instance method of [<code>StatusList2021</code>](#StatusList2021)  

| Param | Type |
| --- | --- |
| index | <code>number</code> | 

<a name="StatusList2021+set"></a>

### statusList2021.set(index, value)
Sets the value of the `index`-th entry.

**Kind**: instance method of [<code>StatusList2021</code>](#StatusList2021)  

| Param | Type |
| --- | --- |
| index | <code>number</code> | 
| value | <code>boolean</code> | 

<a name="StatusList2021+intoEncodedStr"></a>

### statusList2021.intoEncodedStr() ⇒ <code>string</code>
Encodes this [StatusList2021](#StatusList2021) into its compressed
base64 string representation.

**Kind**: instance method of [<code>StatusList2021</code>](#StatusList2021)  
<a name="StatusList2021.fromEncodedStr"></a>

### StatusList2021.fromEncodedStr(s) ⇒ [<code>StatusList2021</code>](#StatusList2021)
Attempts to decode a [StatusList2021](#StatusList2021) from a string.

**Kind**: static method of [<code>StatusList2021</code>](#StatusList2021)  

| Param | Type |
| --- | --- |
| s | <code>string</code> | 

<a name="StatusList2021Credential"></a>

## StatusList2021Credential
A parsed [StatusList2021Credential](https://www.w3.org/TR/2023/WD-vc-status-list-20230427/#statuslist2021credential).

**Kind**: global class  

* [StatusList2021Credential](#StatusList2021Credential)
    * [new StatusList2021Credential(credential)](#new_StatusList2021Credential_new)
    * _instance_
        * [.id()](#StatusList2021Credential+id) ⇒ <code>string</code>
        * [.setCredentialStatus(credential, index, revoked_or_suspended)](#StatusList2021Credential+setCredentialStatus) ⇒ [<code>StatusList2021Entry</code>](#StatusList2021Entry)
        * [.purpose()](#StatusList2021Credential+purpose) ⇒ <code>number</code>
        * [.entry(index)](#StatusList2021Credential+entry) ⇒ <code>number</code>
        * [.clone()](#StatusList2021Credential+clone) ⇒ [<code>StatusList2021Credential</code>](#StatusList2021Credential)
        * [.toJSON()](#StatusList2021Credential+toJSON) ⇒ <code>any</code>
    * _static_
        * [.fromJSON(json)](#StatusList2021Credential.fromJSON) ⇒ [<code>StatusList2021Credential</code>](#StatusList2021Credential)

<a name="new_StatusList2021Credential_new"></a>

### new StatusList2021Credential(credential)
Creates a new [StatusList2021Credential](#StatusList2021Credential).


| Param | Type |
| --- | --- |
| credential | [<code>Credential</code>](#Credential) | 

<a name="StatusList2021Credential+id"></a>

### statusList2021Credential.id() ⇒ <code>string</code>
**Kind**: instance method of [<code>StatusList2021Credential</code>](#StatusList2021Credential)  
<a name="StatusList2021Credential+setCredentialStatus"></a>

### statusList2021Credential.setCredentialStatus(credential, index, revoked_or_suspended) ⇒ [<code>StatusList2021Entry</code>](#StatusList2021Entry)
Sets the given credential's status using the `index`-th entry of this status list.
Returns the created `credentialStatus`.

**Kind**: instance method of [<code>StatusList2021Credential</code>](#StatusList2021Credential)  

| Param | Type |
| --- | --- |
| credential | [<code>Credential</code>](#Credential) | 
| index | <code>number</code> | 
| revoked_or_suspended | <code>boolean</code> | 

<a name="StatusList2021Credential+purpose"></a>

### statusList2021Credential.purpose() ⇒ <code>number</code>
Returns the [StatusPurpose](#StatusPurpose) of this [StatusList2021Credential](#StatusList2021Credential).

**Kind**: instance method of [<code>StatusList2021Credential</code>](#StatusList2021Credential)  
<a name="StatusList2021Credential+entry"></a>

### statusList2021Credential.entry(index) ⇒ <code>number</code>
Returns the state of the `index`-th entry, if any.

**Kind**: instance method of [<code>StatusList2021Credential</code>](#StatusList2021Credential)  

| Param | Type |
| --- | --- |
| index | <code>number</code> | 

<a name="StatusList2021Credential+clone"></a>

### statusList2021Credential.clone() ⇒ [<code>StatusList2021Credential</code>](#StatusList2021Credential)
**Kind**: instance method of [<code>StatusList2021Credential</code>](#StatusList2021Credential)  
<a name="StatusList2021Credential+toJSON"></a>

### statusList2021Credential.toJSON() ⇒ <code>any</code>
**Kind**: instance method of [<code>StatusList2021Credential</code>](#StatusList2021Credential)  
<a name="StatusList2021Credential.fromJSON"></a>

### StatusList2021Credential.fromJSON(json) ⇒ [<code>StatusList2021Credential</code>](#StatusList2021Credential)
**Kind**: static method of [<code>StatusList2021Credential</code>](#StatusList2021Credential)  

| Param | Type |
| --- | --- |
| json | <code>any</code> | 

<a name="StatusList2021CredentialBuilder"></a>

## StatusList2021CredentialBuilder
Builder type to construct valid [StatusList2021Credential](#StatusList2021Credential) istances.

**Kind**: global class  

* [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder)
    * [new StatusList2021CredentialBuilder(status_list)](#new_StatusList2021CredentialBuilder_new)
    * [.purpose(purpose)](#StatusList2021CredentialBuilder+purpose) ⇒ [<code>StatusList2021CredentialBuilder</code>](#StatusList2021CredentialBuilder)
    * [.subjectId(id)](#StatusList2021CredentialBuilder+subjectId) ⇒ [<code>StatusList2021CredentialBuilder</code>](#StatusList2021CredentialBuilder)
    * [.expirationDate(time)](#StatusList2021CredentialBuilder+expirationDate) ⇒ [<code>StatusList2021CredentialBuilder</code>](#StatusList2021CredentialBuilder)
    * [.issuer(issuer)](#StatusList2021CredentialBuilder+issuer) ⇒ [<code>StatusList2021CredentialBuilder</code>](#StatusList2021CredentialBuilder)
    * [.context(context)](#StatusList2021CredentialBuilder+context) ⇒ [<code>StatusList2021CredentialBuilder</code>](#StatusList2021CredentialBuilder)
    * [.type(t)](#StatusList2021CredentialBuilder+type) ⇒ [<code>StatusList2021CredentialBuilder</code>](#StatusList2021CredentialBuilder)
    * [.proof(proof)](#StatusList2021CredentialBuilder+proof) ⇒ [<code>StatusList2021CredentialBuilder</code>](#StatusList2021CredentialBuilder)
    * [.build()](#StatusList2021CredentialBuilder+build) ⇒ [<code>StatusList2021Credential</code>](#StatusList2021Credential)

<a name="new_StatusList2021CredentialBuilder_new"></a>

### new StatusList2021CredentialBuilder(status_list)
Creates a new [StatusList2021CredentialBuilder](#StatusList2021CredentialBuilder).


| Param | Type |
| --- | --- |
| status_list | [<code>StatusList2021</code>](#StatusList2021) \| <code>undefined</code> | 

<a name="StatusList2021CredentialBuilder+purpose"></a>

### statusList2021CredentialBuilder.purpose(purpose) ⇒ [<code>StatusList2021CredentialBuilder</code>](#StatusList2021CredentialBuilder)
Sets the purpose of the [StatusList2021Credential](#StatusList2021Credential) that is being created.

**Kind**: instance method of [<code>StatusList2021CredentialBuilder</code>](#StatusList2021CredentialBuilder)  

| Param | Type |
| --- | --- |
| purpose | <code>number</code> | 

<a name="StatusList2021CredentialBuilder+subjectId"></a>

### statusList2021CredentialBuilder.subjectId(id) ⇒ [<code>StatusList2021CredentialBuilder</code>](#StatusList2021CredentialBuilder)
Sets `credentialSubject.id`.

**Kind**: instance method of [<code>StatusList2021CredentialBuilder</code>](#StatusList2021CredentialBuilder)  

| Param | Type |
| --- | --- |
| id | <code>string</code> | 

<a name="StatusList2021CredentialBuilder+expirationDate"></a>

### statusList2021CredentialBuilder.expirationDate(time) ⇒ [<code>StatusList2021CredentialBuilder</code>](#StatusList2021CredentialBuilder)
Sets the expiration date of the credential.

**Kind**: instance method of [<code>StatusList2021CredentialBuilder</code>](#StatusList2021CredentialBuilder)  

| Param | Type |
| --- | --- |
| time | [<code>Timestamp</code>](#Timestamp) | 

<a name="StatusList2021CredentialBuilder+issuer"></a>

### statusList2021CredentialBuilder.issuer(issuer) ⇒ [<code>StatusList2021CredentialBuilder</code>](#StatusList2021CredentialBuilder)
Sets the issuer of the credential.

**Kind**: instance method of [<code>StatusList2021CredentialBuilder</code>](#StatusList2021CredentialBuilder)  

| Param | Type |
| --- | --- |
| issuer | <code>string</code> | 

<a name="StatusList2021CredentialBuilder+context"></a>

### statusList2021CredentialBuilder.context(context) ⇒ [<code>StatusList2021CredentialBuilder</code>](#StatusList2021CredentialBuilder)
Sets the context of the credential.

**Kind**: instance method of [<code>StatusList2021CredentialBuilder</code>](#StatusList2021CredentialBuilder)  

| Param | Type |
| --- | --- |
| context | <code>string</code> | 

<a name="StatusList2021CredentialBuilder+type"></a>

### statusList2021CredentialBuilder.type(t) ⇒ [<code>StatusList2021CredentialBuilder</code>](#StatusList2021CredentialBuilder)
Adds a credential type.

**Kind**: instance method of [<code>StatusList2021CredentialBuilder</code>](#StatusList2021CredentialBuilder)  

| Param | Type |
| --- | --- |
| t | <code>string</code> | 

<a name="StatusList2021CredentialBuilder+proof"></a>

### statusList2021CredentialBuilder.proof(proof) ⇒ [<code>StatusList2021CredentialBuilder</code>](#StatusList2021CredentialBuilder)
Adds a credential's proof.

**Kind**: instance method of [<code>StatusList2021CredentialBuilder</code>](#StatusList2021CredentialBuilder)  

| Param | Type |
| --- | --- |
| proof | [<code>Proof</code>](#Proof) | 

<a name="StatusList2021CredentialBuilder+build"></a>

### statusList2021CredentialBuilder.build() ⇒ [<code>StatusList2021Credential</code>](#StatusList2021Credential)
Attempts to build a valid [StatusList2021Credential](#StatusList2021Credential) with the previously provided data.

**Kind**: instance method of [<code>StatusList2021CredentialBuilder</code>](#StatusList2021CredentialBuilder)  
<a name="StatusList2021Entry"></a>

## StatusList2021Entry
[StatusList2021Entry](https://www.w3.org/TR/2023/WD-vc-status-list-20230427/#statuslist2021entry) implementation.

**Kind**: global class  

* [StatusList2021Entry](#StatusList2021Entry)
    * [new StatusList2021Entry(status_list, purpose, index, id)](#new_StatusList2021Entry_new)
    * _instance_
        * [.id()](#StatusList2021Entry+id) ⇒ <code>string</code>
        * [.purpose()](#StatusList2021Entry+purpose) ⇒ <code>number</code>
        * [.index()](#StatusList2021Entry+index) ⇒ <code>number</code>
        * [.statusListCredential()](#StatusList2021Entry+statusListCredential) ⇒ <code>string</code>
        * [.toStatus()](#StatusList2021Entry+toStatus) ⇒ <code>Status</code>
        * [.clone()](#StatusList2021Entry+clone) ⇒ [<code>StatusList2021Entry</code>](#StatusList2021Entry)
        * [.toJSON()](#StatusList2021Entry+toJSON) ⇒ <code>any</code>
    * _static_
        * [.fromJSON(json)](#StatusList2021Entry.fromJSON) ⇒ [<code>StatusList2021Entry</code>](#StatusList2021Entry)

<a name="new_StatusList2021Entry_new"></a>

### new StatusList2021Entry(status_list, purpose, index, id)
Creates a new [StatusList2021Entry](#StatusList2021Entry).


| Param | Type |
| --- | --- |
| status_list | <code>string</code> | 
| purpose | <code>number</code> | 
| index | <code>number</code> | 
| id | <code>string</code> \| <code>undefined</code> | 

<a name="StatusList2021Entry+id"></a>

### statusList2021Entry.id() ⇒ <code>string</code>
Returns this `credentialStatus`'s `id`.

**Kind**: instance method of [<code>StatusList2021Entry</code>](#StatusList2021Entry)  
<a name="StatusList2021Entry+purpose"></a>

### statusList2021Entry.purpose() ⇒ <code>number</code>
Returns the purpose of this entry.

**Kind**: instance method of [<code>StatusList2021Entry</code>](#StatusList2021Entry)  
<a name="StatusList2021Entry+index"></a>

### statusList2021Entry.index() ⇒ <code>number</code>
Returns the index of this entry.

**Kind**: instance method of [<code>StatusList2021Entry</code>](#StatusList2021Entry)  
<a name="StatusList2021Entry+statusListCredential"></a>

### statusList2021Entry.statusListCredential() ⇒ <code>string</code>
Returns the referenced [StatusList2021Credential](#StatusList2021Credential)'s url.

**Kind**: instance method of [<code>StatusList2021Entry</code>](#StatusList2021Entry)  
<a name="StatusList2021Entry+toStatus"></a>

### statusList2021Entry.toStatus() ⇒ <code>Status</code>
Downcasts [this](this) to [Status](Status)

**Kind**: instance method of [<code>StatusList2021Entry</code>](#StatusList2021Entry)  
<a name="StatusList2021Entry+clone"></a>

### statusList2021Entry.clone() ⇒ [<code>StatusList2021Entry</code>](#StatusList2021Entry)
Deep clones the object.

**Kind**: instance method of [<code>StatusList2021Entry</code>](#StatusList2021Entry)  
<a name="StatusList2021Entry+toJSON"></a>

### statusList2021Entry.toJSON() ⇒ <code>any</code>
Serializes this to a JSON object.

**Kind**: instance method of [<code>StatusList2021Entry</code>](#StatusList2021Entry)  
<a name="StatusList2021Entry.fromJSON"></a>

### StatusList2021Entry.fromJSON(json) ⇒ [<code>StatusList2021Entry</code>](#StatusList2021Entry)
Deserializes an instance from a JSON object.

**Kind**: static method of [<code>StatusList2021Entry</code>](#StatusList2021Entry)  

| Param | Type |
| --- | --- |
| json | <code>any</code> | 

<a name="Storage"></a>

## Storage
A type wrapping a `JwkStorage` and `KeyIdStorage` that should always be used together when
working with storage backed DID documents.

**Kind**: global class  

* [Storage](#Storage)
    * [new Storage(jwkStorage, keyIdStorage)](#new_Storage_new)
    * [.keyIdStorage()](#Storage+keyIdStorage) ⇒ <code>KeyIdStorage</code>
    * [.keyStorage()](#Storage+keyStorage) ⇒ <code>JwkStorage</code>

<a name="new_Storage_new"></a>

### new Storage(jwkStorage, keyIdStorage)
Constructs a new `Storage`.


| Param | Type |
| --- | --- |
| jwkStorage | <code>JwkStorage</code> | 
| keyIdStorage | <code>KeyIdStorage</code> | 

<a name="Storage+keyIdStorage"></a>

### storage.keyIdStorage() ⇒ <code>KeyIdStorage</code>
Obtain the wrapped `KeyIdStorage`.

**Kind**: instance method of [<code>Storage</code>](#Storage)  
<a name="Storage+keyStorage"></a>

### storage.keyStorage() ⇒ <code>JwkStorage</code>
Obtain the wrapped `JwkStorage`.

**Kind**: instance method of [<code>Storage</code>](#Storage)  
<a name="Timestamp"></a>

## Timestamp
**Kind**: global class  

* [Timestamp](#Timestamp)
    * [new Timestamp()](#new_Timestamp_new)
    * _instance_
        * [.toRFC3339()](#Timestamp+toRFC3339) ⇒ <code>string</code>
        * [.checkedAdd(duration)](#Timestamp+checkedAdd) ⇒ [<code>Timestamp</code>](#Timestamp) \| <code>undefined</code>
        * [.checkedSub(duration)](#Timestamp+checkedSub) ⇒ [<code>Timestamp</code>](#Timestamp) \| <code>undefined</code>
        * [.toJSON()](#Timestamp+toJSON) ⇒ <code>any</code>
    * _static_
        * [.parse(input)](#Timestamp.parse) ⇒ [<code>Timestamp</code>](#Timestamp)
        * [.nowUTC()](#Timestamp.nowUTC) ⇒ [<code>Timestamp</code>](#Timestamp)
        * [.fromJSON(json)](#Timestamp.fromJSON) ⇒ [<code>Timestamp</code>](#Timestamp)

<a name="new_Timestamp_new"></a>

### new Timestamp()
Creates a new [Timestamp](#Timestamp) with the current date and time.

<a name="Timestamp+toRFC3339"></a>

### timestamp.toRFC3339() ⇒ <code>string</code>
Returns the [Timestamp](#Timestamp) as an RFC 3339 `String`.

**Kind**: instance method of [<code>Timestamp</code>](#Timestamp)  
<a name="Timestamp+checkedAdd"></a>

### timestamp.checkedAdd(duration) ⇒ [<code>Timestamp</code>](#Timestamp) \| <code>undefined</code>
Computes `self + duration`

Returns `null` if the operation leads to a timestamp not in the valid range for [RFC 3339](https://tools.ietf.org/html/rfc3339).

**Kind**: instance method of [<code>Timestamp</code>](#Timestamp)  

| Param | Type |
| --- | --- |
| duration | [<code>Duration</code>](#Duration) | 

<a name="Timestamp+checkedSub"></a>

### timestamp.checkedSub(duration) ⇒ [<code>Timestamp</code>](#Timestamp) \| <code>undefined</code>
Computes `self - duration`

Returns `null` if the operation leads to a timestamp not in the valid range for [RFC 3339](https://tools.ietf.org/html/rfc3339).

**Kind**: instance method of [<code>Timestamp</code>](#Timestamp)  

| Param | Type |
| --- | --- |
| duration | [<code>Duration</code>](#Duration) | 

<a name="Timestamp+toJSON"></a>

### timestamp.toJSON() ⇒ <code>any</code>
Serializes this to a JSON object.

**Kind**: instance method of [<code>Timestamp</code>](#Timestamp)  
<a name="Timestamp.parse"></a>

### Timestamp.parse(input) ⇒ [<code>Timestamp</code>](#Timestamp)
Parses a [Timestamp](#Timestamp) from the provided input string.

**Kind**: static method of [<code>Timestamp</code>](#Timestamp)  

| Param | Type |
| --- | --- |
| input | <code>string</code> | 

<a name="Timestamp.nowUTC"></a>

### Timestamp.nowUTC() ⇒ [<code>Timestamp</code>](#Timestamp)
Creates a new [Timestamp](#Timestamp) with the current date and time.

**Kind**: static method of [<code>Timestamp</code>](#Timestamp)  
<a name="Timestamp.fromJSON"></a>

### Timestamp.fromJSON(json) ⇒ [<code>Timestamp</code>](#Timestamp)
Deserializes an instance from a JSON object.

**Kind**: static method of [<code>Timestamp</code>](#Timestamp)  

| Param | Type |
| --- | --- |
| json | <code>any</code> | 

<a name="UnknownCredential"></a>

## UnknownCredential
**Kind**: global class  

* [UnknownCredential](#UnknownCredential)
    * _instance_
        * [.tryIntoJwt()](#UnknownCredential+tryIntoJwt) ⇒ [<code>Jwt</code>](#Jwt) \| <code>undefined</code>
        * [.tryIntoCredential()](#UnknownCredential+tryIntoCredential) ⇒ [<code>Credential</code>](#Credential) \| <code>undefined</code>
        * [.tryIntoRaw()](#UnknownCredential+tryIntoRaw) ⇒ <code>Record.&lt;string, any&gt;</code> \| <code>undefined</code>
        * [.toJSON()](#UnknownCredential+toJSON) ⇒ <code>any</code>
        * [.clone()](#UnknownCredential+clone) ⇒ [<code>UnknownCredential</code>](#UnknownCredential)
    * _static_
        * [.fromJSON(json)](#UnknownCredential.fromJSON) ⇒ [<code>UnknownCredential</code>](#UnknownCredential)

<a name="UnknownCredential+tryIntoJwt"></a>

### unknownCredential.tryIntoJwt() ⇒ [<code>Jwt</code>](#Jwt) \| <code>undefined</code>
Returns a [Jwt](#Jwt) if the credential is of type string, `undefined` otherwise.

**Kind**: instance method of [<code>UnknownCredential</code>](#UnknownCredential)  
<a name="UnknownCredential+tryIntoCredential"></a>

### unknownCredential.tryIntoCredential() ⇒ [<code>Credential</code>](#Credential) \| <code>undefined</code>
Returns a [Credential](#Credential) if the credential is of said type, `undefined` otherwise.

**Kind**: instance method of [<code>UnknownCredential</code>](#UnknownCredential)  
<a name="UnknownCredential+tryIntoRaw"></a>

### unknownCredential.tryIntoRaw() ⇒ <code>Record.&lt;string, any&gt;</code> \| <code>undefined</code>
Returns the contained value as an Object, if it can be converted, `undefined` otherwise.

**Kind**: instance method of [<code>UnknownCredential</code>](#UnknownCredential)  
<a name="UnknownCredential+toJSON"></a>

### unknownCredential.toJSON() ⇒ <code>any</code>
Serializes this to a JSON object.

**Kind**: instance method of [<code>UnknownCredential</code>](#UnknownCredential)  
<a name="UnknownCredential+clone"></a>

### unknownCredential.clone() ⇒ [<code>UnknownCredential</code>](#UnknownCredential)
Deep clones the object.

**Kind**: instance method of [<code>UnknownCredential</code>](#UnknownCredential)  
<a name="UnknownCredential.fromJSON"></a>

### UnknownCredential.fromJSON(json) ⇒ [<code>UnknownCredential</code>](#UnknownCredential)
Deserializes an instance from a JSON object.

**Kind**: static method of [<code>UnknownCredential</code>](#UnknownCredential)  

| Param | Type |
| --- | --- |
| json | <code>any</code> | 

<a name="VerificationMethod"></a>

## VerificationMethod
A DID Document Verification Method.

**Kind**: global class  

* [VerificationMethod](#VerificationMethod)
    * [new VerificationMethod(id, controller, type_, data)](#new_VerificationMethod_new)
    * _instance_
        * [.id()](#VerificationMethod+id) ⇒ [<code>DIDUrl</code>](#DIDUrl)
        * [.setId(id)](#VerificationMethod+setId)
        * [.controller()](#VerificationMethod+controller) ⇒ [<code>CoreDID</code>](#CoreDID)
        * [.setController(did)](#VerificationMethod+setController)
        * [.type()](#VerificationMethod+type) ⇒ [<code>MethodType</code>](#MethodType)
        * [.setType(type_)](#VerificationMethod+setType)
        * [.data()](#VerificationMethod+data) ⇒ [<code>MethodData</code>](#MethodData)
        * [.setData(data)](#VerificationMethod+setData)
        * [.properties()](#VerificationMethod+properties) ⇒ <code>Map.&lt;string, any&gt;</code>
        * [.setPropertyUnchecked(key, value)](#VerificationMethod+setPropertyUnchecked)
        * [.toJSON()](#VerificationMethod+toJSON) ⇒ <code>any</code>
        * [.clone()](#VerificationMethod+clone) ⇒ [<code>VerificationMethod</code>](#VerificationMethod)
    * _static_
        * [.newFromJwk(did, key, fragment)](#VerificationMethod.newFromJwk) ⇒ [<code>VerificationMethod</code>](#VerificationMethod)
        * [.fromJSON(json)](#VerificationMethod.fromJSON) ⇒ [<code>VerificationMethod</code>](#VerificationMethod)

<a name="new_VerificationMethod_new"></a>

### new VerificationMethod(id, controller, type_, data)
Create a custom [VerificationMethod](#VerificationMethod).


| Param | Type |
| --- | --- |
| id | [<code>DIDUrl</code>](#DIDUrl) | 
| controller | [<code>CoreDID</code>](#CoreDID) | 
| type_ | [<code>MethodType</code>](#MethodType) | 
| data | [<code>MethodData</code>](#MethodData) | 

<a name="VerificationMethod+id"></a>

### verificationMethod.id() ⇒ [<code>DIDUrl</code>](#DIDUrl)
Returns a copy of the [DIDUrl](#DIDUrl) of the [VerificationMethod](#VerificationMethod)'s `id`.

**Kind**: instance method of [<code>VerificationMethod</code>](#VerificationMethod)  
<a name="VerificationMethod+setId"></a>

### verificationMethod.setId(id)
Sets the id of the [VerificationMethod](#VerificationMethod).

**Kind**: instance method of [<code>VerificationMethod</code>](#VerificationMethod)  

| Param | Type |
| --- | --- |
| id | [<code>DIDUrl</code>](#DIDUrl) | 

<a name="VerificationMethod+controller"></a>

### verificationMethod.controller() ⇒ [<code>CoreDID</code>](#CoreDID)
Returns a copy of the `controller` `DID` of the [VerificationMethod](#VerificationMethod).

**Kind**: instance method of [<code>VerificationMethod</code>](#VerificationMethod)  
<a name="VerificationMethod+setController"></a>

### verificationMethod.setController(did)
Sets the `controller` `DID` of the [VerificationMethod](#VerificationMethod) object.

**Kind**: instance method of [<code>VerificationMethod</code>](#VerificationMethod)  

| Param | Type |
| --- | --- |
| did | [<code>CoreDID</code>](#CoreDID) | 

<a name="VerificationMethod+type"></a>

### verificationMethod.type() ⇒ [<code>MethodType</code>](#MethodType)
Returns a copy of the [VerificationMethod](#VerificationMethod) type.

**Kind**: instance method of [<code>VerificationMethod</code>](#VerificationMethod)  
<a name="VerificationMethod+setType"></a>

### verificationMethod.setType(type_)
Sets the [VerificationMethod](#VerificationMethod) type.

**Kind**: instance method of [<code>VerificationMethod</code>](#VerificationMethod)  

| Param | Type |
| --- | --- |
| type_ | [<code>MethodType</code>](#MethodType) | 

<a name="VerificationMethod+data"></a>

### verificationMethod.data() ⇒ [<code>MethodData</code>](#MethodData)
Returns a copy of the [VerificationMethod](#VerificationMethod) public key data.

**Kind**: instance method of [<code>VerificationMethod</code>](#VerificationMethod)  
<a name="VerificationMethod+setData"></a>

### verificationMethod.setData(data)
Sets [VerificationMethod](#VerificationMethod) public key data.

**Kind**: instance method of [<code>VerificationMethod</code>](#VerificationMethod)  

| Param | Type |
| --- | --- |
| data | [<code>MethodData</code>](#MethodData) | 

<a name="VerificationMethod+properties"></a>

### verificationMethod.properties() ⇒ <code>Map.&lt;string, any&gt;</code>
Get custom properties of the Verification Method.

**Kind**: instance method of [<code>VerificationMethod</code>](#VerificationMethod)  
<a name="VerificationMethod+setPropertyUnchecked"></a>

### verificationMethod.setPropertyUnchecked(key, value)
Adds a custom property to the Verification Method.
If the value is set to `null`, the custom property will be removed.

### WARNING
This method can overwrite existing properties like `id` and result
in an invalid Verification Method.

**Kind**: instance method of [<code>VerificationMethod</code>](#VerificationMethod)  

| Param | Type |
| --- | --- |
| key | <code>string</code> | 
| value | <code>any</code> | 

<a name="VerificationMethod+toJSON"></a>

### verificationMethod.toJSON() ⇒ <code>any</code>
Serializes this to a JSON object.

**Kind**: instance method of [<code>VerificationMethod</code>](#VerificationMethod)  
<a name="VerificationMethod+clone"></a>

### verificationMethod.clone() ⇒ [<code>VerificationMethod</code>](#VerificationMethod)
Deep clones the object.

**Kind**: instance method of [<code>VerificationMethod</code>](#VerificationMethod)  
<a name="VerificationMethod.newFromJwk"></a>

### VerificationMethod.newFromJwk(did, key, fragment) ⇒ [<code>VerificationMethod</code>](#VerificationMethod)
Creates a new [VerificationMethod](#VerificationMethod) from the given `did` and [Jwk](#Jwk). If `fragment` is not given
the `kid` value of the given `key` will be used, if present, otherwise an error is returned.

### Recommendations
The following recommendations are essentially taken from the `publicKeyJwk` description from the [DID specification](https://www.w3.org/TR/did-core/#dfn-publickeyjwk):
- It is recommended that verification methods that use `Jwks` to represent their public keys use the value of
  `kid` as their fragment identifier. This is
done automatically if `None` is passed in as the fragment.
- It is recommended that [Jwk](#Jwk) kid values are set to the public key fingerprint.

**Kind**: static method of [<code>VerificationMethod</code>](#VerificationMethod)  

| Param | Type |
| --- | --- |
| did | [<code>CoreDID</code>](#CoreDID) \| <code>IToCoreDID</code> | 
| key | [<code>Jwk</code>](#Jwk) | 
| fragment | <code>string</code> \| <code>undefined</code> | 

<a name="VerificationMethod.fromJSON"></a>

### VerificationMethod.fromJSON(json) ⇒ [<code>VerificationMethod</code>](#VerificationMethod)
Deserializes an instance from a JSON object.

**Kind**: static method of [<code>VerificationMethod</code>](#VerificationMethod)  

| Param | Type |
| --- | --- |
| json | <code>any</code> | 

<a name="StatusCheck"></a>

## StatusCheck
Controls validation behaviour when checking whether or not a credential has been revoked by its
[`credentialStatus`](https://www.w3.org/TR/vc-data-model/#status).

**Kind**: global variable  
<a name="Strict"></a>

## Strict
Validate the status if supported, reject any unsupported
[`credentialStatus`](https://www.w3.org/TR/vc-data-model/#status) types.

Only `RevocationBitmap2022` is currently supported.

This is the default.

**Kind**: global variable  
<a name="SkipUnsupported"></a>

## SkipUnsupported
Validate the status if supported, skip any unsupported
[`credentialStatus`](https://www.w3.org/TR/vc-data-model/#status) types.

**Kind**: global variable  
<a name="SkipAll"></a>

## SkipAll
Skip all status checks.

**Kind**: global variable  
<a name="SubjectHolderRelationship"></a>

## SubjectHolderRelationship
Declares how credential subjects must relate to the presentation holder.

See also the [Subject-Holder Relationship](https://www.w3.org/TR/vc-data-model/#subject-holder-relationships) section of the specification.

**Kind**: global variable  
<a name="AlwaysSubject"></a>

## AlwaysSubject
The holder must always match the subject on all credentials, regardless of their [`nonTransferable`](https://www.w3.org/TR/vc-data-model/#nontransferable-property) property.
This variant is the default.

**Kind**: global variable  
<a name="SubjectOnNonTransferable"></a>

## SubjectOnNonTransferable
The holder must match the subject only for credentials where the [`nonTransferable`](https://www.w3.org/TR/vc-data-model/#nontransferable-property) property is `true`.

**Kind**: global variable  
<a name="Any"></a>

## Any
The holder is not required to have any kind of relationship to any credential subject.

**Kind**: global variable  
<a name="FailFast"></a>

## FailFast
Declares when validation should return if an error occurs.

**Kind**: global variable  
<a name="AllErrors"></a>

## AllErrors
Return all errors that occur during validation.

**Kind**: global variable  
<a name="FirstError"></a>

## FirstError
Return after the first error occurs.

**Kind**: global variable  
<a name="StateMetadataEncoding"></a>

## StateMetadataEncoding
**Kind**: global variable  
<a name="MethodRelationship"></a>

## MethodRelationship
**Kind**: global variable  
<a name="CredentialStatus"></a>

## CredentialStatus
**Kind**: global variable  
<a name="StatusPurpose"></a>

## StatusPurpose
Purpose of a [StatusList2021](#StatusList2021).

**Kind**: global variable  
<a name="start"></a>

## start()
Initializes the console error panic hook for better error messages

**Kind**: global function  
<a name="encodeB64"></a>

## encodeB64(data) ⇒ <code>string</code>
Encode the given bytes in url-safe base64.

**Kind**: global function  

| Param | Type |
| --- | --- |
| data | <code>Uint8Array</code> | 

<a name="decodeB64"></a>

## decodeB64(data) ⇒ <code>Uint8Array</code>
Decode the given url-safe base64-encoded slice into its raw bytes.

**Kind**: global function  

| Param | Type |
| --- | --- |
| data | <code>Uint8Array</code> | 

<a name="verifyEd25519"></a>

## verifyEd25519(alg, signingInput, decodedSignature, publicKey)
Verify a JWS signature secured with the `EdDSA` algorithm and curve `Ed25519`.

This function is useful when one is composing a `IJwsVerifier` that delegates
`EdDSA` verification with curve `Ed25519` to this function.

# Warning

This function does not check whether `alg = EdDSA` in the protected header. Callers are expected to assert this
prior to calling the function.

**Kind**: global function  

| Param | Type |
| --- | --- |
| alg | <code>JwsAlgorithm</code> | 
| signingInput | <code>Uint8Array</code> | 
| decodedSignature | <code>Uint8Array</code> | 
| publicKey | [<code>Jwk</code>](#Jwk) |