TrustVC · RishabhS7 · Dec 30, 2025 · Dec 30, 2025 · coderabbitai · Dec 30, 2025
diff --git a/package-lock.json b/package-lock.json
diff --git a/packages/w3c-issuer/src/did-web/wellKnown/generate.ts b/packages/w3c-issuer/src/did-web/wellKnown/generate.ts
@@ -134,17 +134,20 @@ export const nextKeyId = (wellKnown: DidWellKnownDocument): number => {
   // Filter for all key id
   const keyIds = wellKnown?.verificationMethod?.map((s) => s?.id) ?? [];
 
-  // strip the key id to get the number
-  const keyIdNumbers = keyIds.map((s) => {
-    const parts = s?.split('#');
-    if (!parts) return 0;
-    return parts?.[parts.length - 1]?.split('keys-')?.[1];
-  });
+  // strip the key id to get the number (only for keys that follow 'keys-{number}' pattern)
+  const keyIdNumbers = keyIds
+    .map((s) => {
+      const parts = s?.split('#');
+      if (!parts || parts.length < 2) return null;
+      const fragment = parts[parts.length - 1];
+      // Only process if it follows the 'keys-' pattern
+      if (!fragment?.includes('keys-')) return null;
+      return fragment.split('keys-')[1];
+    })
+    .filter((s) => s !== null && s !== undefined); // Remove null/undefined values
 
-  // filter out the non-numeric values using Number and convert to number
-  const keyIdNumbersFiltered = keyIdNumbers
-    .filter((s) => !Number.isInteger(s))
-    .map((s) => Number(s));
+  // filter out the non-numeric values and convert to number
+  const keyIdNumbersFiltered = keyIdNumbers.filter((s) => !isNaN(Number(s))).map((s) => Number(s));
 
   // get the max number
   if (keyIdNumbersFiltered.length === 0) return 1;

diff --git a/packages/w3c-issuer/src/did-web/wellKnown/index.ts b/packages/w3c-issuer/src/did-web/wellKnown/index.ts
@@ -30,7 +30,18 @@ export const issueDID = async (didInput: IssuedDIDOption): Promise<IssuedDID> =>
 
   const keyId = nextKeyId(wellKnownDid);
 
-  const generatedKeyPair = await generateKeyPair(didInput);
+  // Check if user provided public key data
+  const hasModernPublicKey = didInput.publicKeyMultibase;
+  const hasLegacyPublicKey = didInput.publicKeyBase58;
+  const userProvidedKeys = hasModernPublicKey || hasLegacyPublicKey;
+
+  // Validate that type is provided when keys are provided
+  if (userProvidedKeys && !didInput.type) {
+    throw new Error('Key pair type must be provided when supplying existing keys');
+  }
+
+  // Only generate if user didn't provide complete key pair
+  const generatedKeyPair = userProvidedKeys ? { ...didInput } : await generateKeyPair(didInput);
 
   let keyPairs: PrivateKeyPair;