Sample fails with a strange error, atleast to me

[vongohren]

This happens when I try to make a derive proof, and im quite new to JSON LD and BBS, so cannot say much on why it happens. Anyone here have an idea?

[tplooker]

@vongohren is this running the sample un-modified? If not can you share what you are running?

[vongohren]

@tplooker good question. I ran the sample unmodified and it worked. But the only difference I see is that I used higher versions of jsonld and jsonld-signatures. Might that be some reason it is not working anymore?

  "dependencies": {
    "@mattrglobal/jsonld-signatures-bbs": "^0.8.0",
    "jsonld": "^5.0.0",
    "jsonld-signatures": "^8.0.2"
  }

I can confirm that upgrading the sample to these libs breaks the sample with the same error.
I can also confirm that some of these packages does not work with yarn at the moment, so you have to use npm to install. Here is the error:

Code im running

Code

const {
Bls12381G1KeyPair,
Bls12381G2KeyPair,
BbsBlsSignature2020,
BbsBlsSignatureProof2020,
deriveProof
} = require("@mattrglobal/jsonld-signatures-bbs");
const { extendContextLoader, sign, verify, purposes } = require("jsonld-signatures");
const  { documentLoaders } = require("jsonld");

const inputDocument = require('./vc-input-doc.json');

const bbsContext = require("./data/bbs.json");
const securityV3 = require("./data/securityv3.json");
const revealDocument = require("./data/deriveProofFrame.json");
const citizenVocab = require("./data/citizenVocab.json");
const exampleControllerDoc = require("./data/controllerDocument.json");
const keyPairOptions = require("./data/keyPair.json");

const documents = {
"did:example:489398593#test": keyPairOptions,
"did:example:489398593": exampleControllerDoc,
"https://w3id.org/security/bbs/v1": bbsContext,
"https://w3id.org/security/v3-unstable": securityV3,
"https://w3id.org/citizenship/v1": citizenVocab
};

const customDocLoader = (url) => {
const context = documents[url];

if (context) {
 return {
   contextUrl: null, // this is for a context via a link header
   document: context, // this is the actual document that was loaded
   documentUrl: url // this is the actual context URL after redirects
 };
}

return documentLoaders.node()(url);
};

const documentLoader = extendContextLoader(customDocLoader);

const main = async () => {
// const keyPair = await Bls12381G2KeyPair.generate({
//   id: "did:example:489398593#test",
//   controller: "did:example:489398593"
// });
const keyPair = await new Bls12381G2KeyPair(keyPairOptions);

console.log(keyPair)
console.log(keyPair.publicKeyJwk)

// console.log("Input document");
// console.log(JSON.stringify(inputDocument, null, 2));

//Sign the input document
const signedDocument = await sign(inputDocument, {
 suite: new BbsBlsSignature2020({ key: keyPair }),
 purpose: new purposes.AssertionProofPurpose(),
 documentLoader
});    
// console.log("Input document with proof");
// console.log(JSON.stringify(signedDocument, null, 2));

const multiSignedDocument = await sign(signedDocument, {
 suite: new BbsBlsSignature2020({ key: keyPair }),
 purpose: new purposes.AssertionProofPurpose(),
 documentLoader
});

// console.log("Input document with multiple proofs");
// console.log(JSON.stringify(multiSignedDocument, null, 2));

const verified = await verify(multiSignedDocument, {
 suite: new BbsBlsSignature2020({ key: keyPair }),
 purpose: new purposes.AssertionProofPurpose(),
 documentLoader
});

// console.log("Verify the signed proof");
// console.log(JSON.stringify(verified, null, 2));

// Derive a proof
const derivedProof = await deriveProof(multiSignedDocument, revealDocument, {
 suite: new BbsBlsSignatureProof2020(),
 documentLoader
});
console.log(derivedProof)

console.log("Derived Proof Result");
console.log(JSON.stringify(derivedProof, null, 2));

// //Verify the derived proof
// const derivedProofVerified = await verify(derivedProof, {
//   suite: new BbsBlsSignatureProof2020(),
//   purpose: new purposes.AssertionProofPurpose(),
//   documentLoader
// });

// console.log("Derived Proof Verification result");
// console.log(JSON.stringify(derivedProofVerified, null, 2));
}

main()

[tplooker]

@vongohren can you try the latest sample, it has just been updated to use the v0.9.0 release?

[vongohren]

@tplooker I can confirm to have the latest master.
But if I update the libs, jsonld and jsonld-signatures to the versions mentioned above, the initial error is there.
Yarn does work to install, but the tried to redefine a protecetd term, is still there.

[kdenhartog]

We've not updated and tested this library against the packages that you're relying on. For now, my suggestion would be to remain on the versions used within the samples.

Even still, my experience has shown me that the redefined protected terms errors appears when the context files are not quite correct. Can you post the link to the proof that you're working with so that I can take a look at the contexts that are being loaded by the documentLoader and debug it?

The alternative approach that I've learned is to go into the node_modules/json-ld library, search for the error and modify it within the node_modules folder to look like this: https://github.com/digitalbazaar/jsonld.js/pull/421/files

This will allow the console to spit out the term that's being redefined when you're getting the error back.

Also, after looking at the code you published I'm almost certain this is an issue because you're using both the security-v3-unstable context and the BBSv1 Context. If you do the suggest above then you'll be able to confirm if this is actually an issue with the BBS terms that are defined in both.

[vongohren]

@kdenhartog using this code I ended up using the transient dependency you guys bring along. https://gist.github.com/vongohren/92753c7dc8e8be7ed219c2d184c624aa

It means that using the newest json-ldsignature version is still not up to speed I guess

Thanks for the debugging introduction, I will take that with me!

What are the main reason things fail when JSON LD lib updates? Is it imssing contexts?

[tplooker]

@vongohren with the merge of #135 can you try things out again and let me know if you are still facing issues?

[vongohren]

So I did solve it earlier by depending on your transient dependency with "jsonld-signatures"

But adding "jsonld-signatures": "^8.0.2", the same error comes.
That gist above is what I use for code.

@tplooker ☝️

[kdenhartog]

Did a bit of debugging on this. There's two issues I've found so far. For some reason the way the getVerificationMethod() function passes the exact string of the fragment id only in is wrong. That's not a valid IRI so the frame call is throwing an error. This is going to require us to figure out why the verificationMethod property is only adding the fragment portion of the identifier in the proof property on signing. @OR13 have you encountered this issue before when using your did-key method with this library?

The second issue is your documentLoader doesn't have a DID resolver in it so even if you did have a fully qualified DID URL in there it wouldn't dereference properly. Use something like this documentLoader: https://github.com/decentralized-identity/jsonld-document-loader

See here for an example of how to get that configured properly so that the resolver is plugged into the documentLoader properly. https://github.com/transmute-industries/vc.transmute.world/blob/49d3499aa6266088ca2cef6691bd9b1ac961fd35/packages/cli/src/util/documentLoader.ts

[OR13]

This is currently working:

https://did.key.transmute.industries/did:key:z5TcF54ZLL5RVaKcvfPbaX2aBFJbXPcc5wG8bomgt4jyap1wVhtHtWVD2gDwD4jXsbEE1PSMeNfEUxkeVjd2R1fvJiaAmrEc2cQsvBe3UmVS7F3FT18mig8PnN2SRRGRsrMva7QPdBSQajC6JkPN2G2Aye3PAgbcjXdFknvCLbaGCBpDCqyyPh6EU7GxJkvmciNk4onHR

I have general concerns with the approach digital bazaar is taking with documentLoaders... they are either a resolver or a dereferencer...

I have been treating documentLoaders as resolvers... not dereferencers... but recent changes digital bazaar has made to their libraries appear to changing documentLoaders to dereferencers...

see: digitalbazaar/jsonld-signatures#141