Skip to content

feat: add w3c sign function#4

Merged
rongquan1 merged 9 commits into
mainfrom
feat/add-w3c-sign-function
Jan 14, 2026
Merged

feat: add w3c sign function#4
rongquan1 merged 9 commits into
mainfrom
feat/add-w3c-sign-function

Conversation

@pennhan-dex

@pennhan-dex pennhan-dex commented Jan 13, 2026
edited by coderabbitai Bot
Loading

Copy link
Copy Markdown
Contributor

w3c-sign CLI command

Summary

Adds a w3c-sign command that signs a W3C Verifiable Credential JSON using a DID key-pair JSON file via @trustvc/trustvc, and writes the signed credential to disk.

Changes

  • Command: src/commands/w3c/sign.ts
    • Prompts for:
      • DID key-pair JSON path (required)
      • Credential JSON path (required)
      • Crypto suite: ecdsa-sd-2023 or bbs-2023
      • Output directory (optional, defaults to .)
    • Validates output directory via isDirectoryValid(...)
    • Signs via signW3C(credential, keyPairData, encryptionAlgorithm)
    • Writes output to <outputDir>/signed_vc.json when signing succeeds
    • Logs errors via signale.error(...) on failures

Tests

  • Unit tests (tests/commands/w3c/sign.test.ts): 10 test cases

    • Covers prompting behavior for both supported suites.
    • Covers prompt validation rules and supported algorithm choices.
    • Covers failure cases for:
      • bad keypair/credential file input (read failures)
      • invalid output directory
      • signing error result (no output written)
      • write failure

  • Command-level tests (tests/main.test.ts): 4 test cases (for w3c-sign)

    • Covers the full handler() flow for:
      • successful signing to default output directory (.)
      • successful signing to a custom output directory
      • invalid output directory (error logged, signing not attempted)
      • write failure (error logged)

Notes

  • Output filename is fixed as signed_vc.json in the chosen directory.

Summary by CodeRabbit

  • New Features

    • New CLI command to sign Verifiable Credentials with selectable cryptosuites (ECDSA-SD-2023, BBS-2023), interactive prompts, and optional custom output directory; produces signed_vc.json.

  • Tests

    • Comprehensive test suites covering prompts, algorithm choices, file I/O, success/failure paths, and end-to-end signing flow.

  • Documentation

    • README updated with command usage, examples, and workflow.

  • Chores

    • signed_vc.json added to .gitignore.

✏️ Tip: You can customize this high-level summary in your review settings.

@coderabbitai

coderabbitai Bot commented Jan 13, 2026
edited
Loading

Copy link
Copy Markdown
📝 Walkthrough

Walkthrough

Adds a new CLI command w3c-sign that prompts for a DID key-pair and an unsigned Verifiable Credential, selects a cryptographic suite (ECDSA-SD-2023 or BBS-2023), invokes signW3C to sign the credential, and writes the signed VC to disk.

Changes

Cohort / File(s) Summary
W3C Signing Command
src/commands/w3c/sign.ts		 New CLI command exporting command, describe, handler, promptForInputs, and sign. Interactive prompts for credential and key-pair JSON paths, algorithm choice, and output directory; input validation; calls signW3C; writes signed_vc.json; logs success/errors.
Type Definitions
src/types.ts		 Adds exported SignInput type: { credential: RawVerifiableCredential; keyPairData: typeof issuer.IssuedDIDOption; encryptionAlgorithm: typeof credentialStatus.cryptoSuiteName; pathToSignedVC: string }.
Tests
tests/commands/w3c/sign.test.ts, tests/main.test.ts		 New unit and integration tests covering prompt flows, validation rules, directory checks, signW3C interactions for both algorithms, successful writes, and failure scenarios. Extensive mocking of prompts, file I/O, trustvc signing, and signale logging.
Docs
README.md		 Documentation updated to document the new w3c-sign command, its interactive prompts, usage example, and output file.
Ignore
.gitignore		 Added entry to ignore signed_vc.json generated by the CLI.

Sequence Diagram

sequenceDiagram
    participant User as CLI User
    participant CLI as w3c-sign Command
    participant FS as File System
    participant Sign as signW3C Service
    participant Log as Logger

    User->>CLI: invoke handler()
    CLI->>User: promptForInputs()
    CLI->>FS: read key-pair JSON (path)
    FS-->>CLI: keyPairData
    CLI->>FS: read credential JSON (path)
    FS-->>CLI: credential
    CLI->>User: choose encryptionAlgorithm & output path
    CLI->>FS: validate/create output directory
    CLI->>Sign: signW3C(credential, encryptionAlgorithm, keyPairData)
    Sign-->>CLI: signedVC
    CLI->>FS: write signed_vc.json to output path
    FS-->>CLI: write result (ok / error)
    CLI->>Log: log success or error
Loading

Estimated Code Review Effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐇 I hopped in with keys and a VC so fine,
Picked ECDSA or BBS by design,
Fed them to signW3C, watched signatures grow,
Wrote signed_vc.json — a shiny new show! ✨

📜 Recent review details

Configuration used: defaults

Review profile: CHILL

Plan: Free

📥 Commits

Reviewing files that changed from the base of the PR and between fe2dba0 and a775b9d.

📒 Files selected for processing (5)
  • .gitignore
  • src/commands/w3c/sign.ts
  • src/types.ts
  • tests/commands/w3c/sign.test.ts
  • tests/main.test.ts
✅ Files skipped from review due to trivial changes (1)
  • .gitignore
🚧 Files skipped from review as they are similar to previous changes (3)
  • src/types.ts
  • tests/commands/w3c/sign.test.ts
  • tests/main.test.ts

✏️ Tip: You can disable this entire section by setting review_details to false in your review settings.

Note

🎁 Summarized by CodeRabbit Free

Your organization is on the Free plan. CodeRabbit will generate a high-level summary and a walkthrough for each pull request. For a comprehensive line-by-line review, please upgrade your subscription to CodeRabbit Pro by visiting https://app.coderabbit.ai/login.

Comment @coderabbitai help to get the list of available commands and usage tips.

@pennhan-dex pennhan-dex requested a review from rongquan1 January 13, 2026 02:57
@rongquan1 rongquan1 changed the title Feat/add w3c sign function feat: add w3c sign function Jan 14, 2026
@rongquan1 rongquan1 merged commit ea31015 into main Jan 14, 2026
5 checks passed
@rongquan1 rongquan1 deleted the feat/add-w3c-sign-function branch January 14, 2026 06:54
tradetrustimda pushed a commit that referenced this pull request Mar 10, 2026
@semantic-release-bot
chore(release): 1.0.0 [skip ci]
89c9876 
# 1.0.0 (2026-03-10)

### Bug Fixes

* add tamper check for all blockchain functions ([#21](#21)) ([ea64760](ea64760))
* base64 file format removal ([514f18b](514f18b))
* ether signer compatibility ([a3c36de](a3c36de))
* handle network selection and add new fixtures ([#15](#15)) ([62b2031](62b2031))
* one line command and interactive terminal fix ([23fb955](23fb955))
* package lock ([2e40722](2e40722))
* remove test output files ([f63a4b3](f63a4b3))
* remove the base64 encoding for the file encryption ([#23](#23)) ([d4600e4](d4600e4))
* remove unnecessary details in the readme ([6a9b8a2](6a9b8a2))
* update cli process ([#8](#8)) ([472a9e6](472a9e6))
* updated the file handling error and folder creation for outputs ([a07c6a3](a07c6a3))
* wallet creation ([#14](#14)) ([6499276](6499276))

### Features

* add mint function command ([#1](#1)) ([22ea11f](22ea11f))
* add verify command ([#7](#7)) ([da85177](da85177))
* add w3c sign function ([#4](#4)) ([ea31015](ea31015))
* added encrypt/decrypt functions to the OA feature ([6dab3e7](6dab3e7))
* added functionality for transaction cancel ([33d73f2](33d73f2))
* added husky for lint checks ([70f3ea5](70f3ea5))
* added the gracefull error handling ([27ef0cf](27ef0cf))
* credential status command ([fb83698](fb83698))
* deploy document store command ([#16](#16)) ([bee4e7a](bee4e7a))
* document store ownership ([#20](#20)) ([a3906da](a3906da))
* fixed the prettier formats ([661c27e](661c27e))
* issue and revoke command ([#17](#17)) ([1df37ff](1df37ff))
* oa sign command ([6fc14cb](6fc14cb))
* reject commands ([#5](#5)) ([f50ce1b](f50ce1b))
* remove example files ([eecf1fb](eecf1fb))
* return commands ([#6](#6)) ([d999e6c](d999e6c))
* token registry command ([#19](#19)) ([0f5c523](0f5c523))
* transfer commands ([#3](#3)) ([8414130](8414130))
* update command process and tests ([#12](#12)) ([97986f5](97986f5))
* update the transfer commands with new input process ([#10](#10)) ([603e534](603e534))
* updated package version for trustvc ([995b43f](995b43f))
* updated packages ([7f9712c](7f9712c))
* updated the readme ([8fa493a](8fa493a))
* wallet creation encryption ([#13](#13)) ([e4d368c](e4d368c))
* wrap unwrap oa command ([#9](#9)) ([4ca75f0](4ca75f0))
@tradetrustimda

tradetrustimda commented Mar 10, 2026

Copy link
Copy Markdown

🎉 This PR is included in version 1.0.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rongquan1 rongquan1 rongquan1 approved these changes

Assignees

No one assigned

Labels

released

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@pennhan-dex @tradetrustimda @rongquan1