feat: add initial Swift bindings

.github/workflows/ci.yml

@@ -0,0 +1,121 @@
+name: CI
+permissions:
+    contents: read
+
+on:
+    push:
+        branches: ['main']
+    pull_request:
+
+jobs:
+    rust-core:
+        name: Rust Core - Build & Test
+        runs-on: ubuntu-latest
+        permissions:
+            contents: read
+        steps:
+            - uses: actions/checkout@v4
+
+            - name: Setup Rust toolchain
+              uses: actions-rust-lang/setup-rust-toolchain@v1
+              with:
+                  toolchain: stable
+
+            - name: Cache Cargo dependencies
+              uses: actions/cache@v4
+              with:
+                  path: |
+                      ~/.cargo/bin/
+                      ~/.cargo/registry/index/
+                      ~/.cargo/registry/cache/
+                      ~/.cargo/git/db/
+                      target/
+                  key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
+                  restore-keys: |
+                      ${{ runner.os }}-cargo-
+
+            - name: Check formatting
+              run: cargo fmt --all -- --check
+
+            - name: Lint with Clippy
+              run: cargo clippy --all-targets --all-features -- -D warnings
+
+            - name: Build Rust core
+              run: cargo build --release --package idkit-core
+
+            - name: Run Rust tests
+              run: cargo test --package idkit-core
+
+    swift-bindings:
+        name: Swift Bindings - Build & Test
+        runs-on: ${{ matrix.os }}
+        needs: rust-core
+        strategy:
+            fail-fast: false
+            matrix:
+                include:
+                    - os: macos-15
+                      xcode: "16.0"
+                    - os: macos-15
+                      xcode: "16.1"
+        env:
+            DEVELOPER_DIR: /Applications/Xcode_${{ matrix.xcode }}.app/Contents/Developer
+        permissions:
+            contents: read
+        steps:
+            - uses: actions/checkout@v4
+
+            - name: Setup Rust toolchain
+              uses: actions-rust-lang/setup-rust-toolchain@v1
+              with:
+                  toolchain: stable
+
+            - name: Cache Cargo dependencies
+              uses: actions/cache@v4
+              with:
+                  path: |
+                      ~/.cargo/bin/
+                      ~/.cargo/registry/index/
+                      ~/.cargo/registry/cache/
+                      ~/.cargo/git/db/
+                      target/
+                  key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
+                  restore-keys: |
+                      ${{ runner.os }}-cargo-
+
+            - name: Install uniffi-bindgen
+              run: cargo install uniffi-bindgen --version 0.30.0
+
+            - name: Restore Swift .build cache
+              id: restore-swift-build
+              uses: actions/cache/restore@v4
+              with:
+                  path: swift/.build
+                  restore-keys: "swiftpm-build-${{ runner.os }}-${{ matrix.xcode }}-"
+                  key: "swiftpm-build-${{ runner.os }}-${{ matrix.xcode }}-${{ hashFiles('**/Package.swift', '**/Package.resolved') }}"
+
+            - name: Build Rust library
+              run: cargo build --release --package idkit-uniffi
+
+            - name: Generate Swift bindings
+              run: |
+                  mkdir -p swift/Sources/IDKit/Generated
+                  uniffi-bindgen generate \
+                      --library target/release/libidkit.dylib \
+                      --language swift \
+                      --out-dir swift/Sources/IDKit/Generated
+
+            - name: Build Swift package
+              working-directory: swift
+              run: swift build
+
+            - name: Run Swift tests
+              working-directory: swift
+              run: swift test
+
+            - name: Cache Swift .build
+              if: steps.restore-swift-build.outputs.cache-hit != 'true'
+              uses: actions/cache/save@v4
+              with:
+                  path: swift/.build
+                  key: "swiftpm-build-${{ runner.os }}-${{ matrix.xcode }}-${{ hashFiles('**/Package.swift', '**/Package.resolved') }}"

.github/workflows/lint-pr.yml

@@ -0,0 +1,25 @@
+name: Validate PR conventions
+permissions:
+    contents: read
+
+on:
+    pull_request:
+        types:
+            - opened
+            - edited
+            - synchronize
+
+jobs:
+    lint-pr:
+        name: Ensure PR follows conventional commits
+        runs-on: ubuntu-latest
+        permissions:
+            contents: read
+            pull-requests: read
+        steps:
+            - uses: amannn/action-semantic-pull-request@v4
+              env:
+                  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+              with:
+                  validateSingleCommit: true
+                  validateSingleCommitMatchesPrTitle: true

.gitignore

@@ -4,8 +4,8 @@
 *.pdb
 
 # Build outputs (following walletkit model)
-# Swift build outputs are not committed to this repo
-/swift/Sources/IDKit/
+# Swift generated bindings are not committed to this repo (regenerate with scripts/build-swift.sh)
+/swift/Sources/IDKit/Generated/
 /swift/IDKitFFI.xcframework/
 /ios_build/
 

Cargo.toml

@@ -21,7 +21,7 @@ serde_json = "1.0"
 
 # Cryptography
 aes-gcm = "0.10"
-getrandom = "0.2"
+getrandom = { version = "0.2", features = ["js"] }
 tiny-keccak = { version = "2.0", features = ["keccak"] }
 
 # Encoding

README.md

@@ -4,10 +4,13 @@ IDKit is the toolkit for identity online. With IDKit you can easily interact wit
 
 ## Packages
 
-### Rust Core
-- **`idkit-core`**: Core Rust types (Credential, Request, Proof)
-- **`idkit-uniffi`**: UniFFI bindings scaffolding for future Swift/Kotlin support
-- **`idkit-wasm`**: WebAssembly bindings scaffolding for future browser support
+### Core
+- **`rust/core`**: Core Rust library with shared types, credential handling, session management, and cryptography
+
+### Language Bindings
+- **`js/packages/core`**: ✅ JavaScript/TypeScript with WASM for browser & Node.js ([docs](./js/packages/core/README.md))
+- **`kotlin/`**: Kotlin bindings via UniFFI for Android/JVM
+- **`swift/`**: Swift bindings via UniFFI for iOS/macOS
 
 ## Documentation
 

rust/core/src/bridge.rs

@@ -4,7 +4,7 @@ use crate::{
     crypto::{base64_decode, base64_encode, decrypt, encrypt},
     error::{AppError, Error, Result},
     types::{AppId, BridgeUrl, Proof, Request, Signal, VerificationLevel},
-    Constraints, ConstraintNode,
+    ConstraintNode, Constraints,
 };
 use serde::{Deserialize, Serialize};
 use std::time::Duration;
@@ -210,7 +210,11 @@ impl Session {
             return Err(Error::BridgeError(format!(
                 "Bridge request failed with status {}: {}",
                 status,
-                if body.is_empty() { "no error details" } else { &body }
+                if body.is_empty() {
+                    "no error details"
+                } else {
+                    &body
+                }
             )));
         }
 
@@ -255,15 +259,7 @@ impl Session {
                 .collect(),
         ));
 
-        Self::create_with_options(
-            app_id,
-            action,
-            requests,
-            None,
-            Some(constraints),
-            None,
-        )
-        .await
+        Self::create_with_options(app_id, action, requests, None, Some(constraints), None).await
     }
 
     /// Returns the connect URL for World App
@@ -273,10 +269,7 @@ impl Session {
         let bridge_param = if self.bridge_url == BridgeUrl::default() {
             String::new()
         } else {
-            format!(
-                "&b={}",
-                urlencoding::encode(self.bridge_url.as_str())
-            )
+            format!("&b={}", urlencoding::encode(self.bridge_url.as_str()))
         };
 
         format!(

rust/core/src/constraints.rs

@@ -251,7 +251,10 @@ mod tests {
 
         assert!(node.evaluate(&available));
         // Should return Face because it's first in priority order
-        assert_eq!(node.first_satisfying(&available), Some(CredentialType::Face));
+        assert_eq!(
+            node.first_satisfying(&available),
+            Some(CredentialType::Face)
+        );
     }
 
     #[test]
@@ -324,7 +327,10 @@ mod tests {
 
         // Only face available
         assert!(node.evaluate(&available));
-        assert_eq!(node.first_satisfying(&available), Some(CredentialType::Face));
+        assert_eq!(
+            node.first_satisfying(&available),
+            Some(CredentialType::Face)
+        );
 
         // Both available - orb has priority
         available.insert(CredentialType::Orb);

rust/core/src/types.rs

@@ -371,10 +371,12 @@ mod tests {
 
     #[test]
     fn test_request_validation() {
-        let valid = Request::new(CredentialType::Orb, Some(Signal::from_string("signal"))).with_face_auth(true);
+        let valid = Request::new(CredentialType::Orb, Some(Signal::from_string("signal")))
+            .with_face_auth(true);
         assert!(valid.validate().is_ok());
 
-        let invalid = Request::new(CredentialType::Device, Some(Signal::from_string("signal"))).with_face_auth(true);
+        let invalid = Request::new(CredentialType::Device, Some(Signal::from_string("signal")))
+            .with_face_auth(true);
         assert!(invalid.validate().is_err());
 
         // Test without signal

rust/uniffi-bindings/Cargo.toml

@@ -12,8 +12,9 @@ crate-type = ["staticlib", "cdylib"]
 name = "idkit"
 
 [dependencies]
-idkit-core = { path = "../core", default-features = false, features = ["uniffi-bindings", "native-crypto"] }
+idkit-core = { path = "../core", default-features = false, features = ["uniffi-bindings", "native-crypto", "bridge"] }
 uniffi = { workspace = true }
 thiserror = { workspace = true }
 serde_json = { workspace = true }
 hex = { workspace = true }
+tokio = { workspace = true, features = ["rt", "rt-multi-thread"] }