secp256r1 key support#599
Open
cykoder wants to merge 3 commits into
Open
Conversation
maycon-mello
approved these changes
May 27, 2026
There was a problem hiding this comment.
Pull request overview
Adds secp256r1 (P-256) key support across the credential SDK stack, wiring it into keypairs, typed public key/signature variants, DID method-key parsing, and VC suite verification; also bumps related package versions to consume the updated SDK.
Changes:
- Introduces
Secp256r1KeypairplusEcdsaSecp256r1Signature2019/EcdsaSecp256r1VerificationKey2019and registers them in VC verification flows. - Extends typed
PublicKey/Signatureenums and DID method-key/onchain DID parsing to recognize secp256r1. - Updates tests, fixtures, and downstream packages/changelogs to reflect the new SDK version.
Reviewed changes
Copilot reviewed 42 out of 42 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| scripts/bench/package.json | Bumps benchmark package + dependency versions to pick up new SDK release. |
| scripts/bench/CHANGELOG.md | Notes dependency updates for the benchmark package. |
| packages/credential-sdk/tests/utils/test-keys.js | Adds secp256r1 test key material for suite-based tests. |
| packages/credential-sdk/tests/utils/network-cache.js | Adds cached DID docs / key docs for secp256r1 verification method tests. |
| packages/credential-sdk/tests/utils/did-helpers.js | Allows test DID generation using secp256k1 or secp256r1 keypairs. |
| packages/credential-sdk/tests/utils.test.js | Adds unit tests for secp256r1 public key/signature instantiation and ECDSA verification. |
| packages/credential-sdk/tests/pex-utils.test.js | Adds secp256r1 proof type to presentation-exchange test data. |
| packages/credential-sdk/tests/keypairs.test.js | Includes Secp256r1Keypair in generic keypair test matrix. |
| packages/credential-sdk/tests/did.test.js | Adds did:key parsing tests for secp256r1. |
| packages/credential-sdk/tests/data/test-keys.js | Adds secp256r1 key to shared test key fixtures. |
| packages/credential-sdk/tests/claim-deduction.test.js | Runs claim deduction tests for both secp256k1 and secp256r1 issuers/holders. |
| packages/credential-sdk/tests/snapshots/did.test.js.snap | Updates snapshots for new secp256r1 did:key parsing test. |
| packages/credential-sdk/src/vc/presentations.js | Adds secp256r1 LD signature suite to presentation verification. |
| packages/credential-sdk/src/vc/helpers.js | Maps secp256r1 verification key type to the corresponding signature suite. |
| packages/credential-sdk/src/vc/crypto/index.js | Exports the new secp256r1 signature suite and verification key classes. |
| packages/credential-sdk/src/vc/crypto/EcdsaSecp256r1VerificationKey2019.js | New LD verification key class for secp256r1. |
| packages/credential-sdk/src/vc/crypto/EcdsaSecp256r1Signature2019.js | New LD signature suite for secp256r1 (ES256). |
| packages/credential-sdk/src/vc/crypto/constants.js | Adds constants for secp256r1 signature and verification key names. |
| packages/credential-sdk/src/vc/credentials.js | Adds secp256r1 LD signature suite to credential/status verification. |
| packages/credential-sdk/src/vc/contexts/did-v1-updated.json | Extends JSON-LD context with secp256r1 suite terms. |
| packages/credential-sdk/src/types/signatures/signature.js | Adds SignatureSecp256r1 variant and binds it into the signature enum. |
| packages/credential-sdk/src/types/signatures/signature-secp256r1-value.js | New typed signature value for secp256r1. |
| packages/credential-sdk/src/types/signatures/index.js | Exports the new secp256r1 signature value type. |
| packages/credential-sdk/src/types/public-keys/public-key.js | Adds PublicKeySecp256r1 variant and binds it into the public key enum. |
| packages/credential-sdk/src/types/public-keys/public-key-secp256r1-value.js | New typed public key value for compressed secp256r1 keys. |
| packages/credential-sdk/src/types/public-keys/index.js | Exports the new secp256r1 public key value type. |
| packages/credential-sdk/src/types/did/onchain/typed-did/did-method-key/did-method-key-signature.js | Adds secp256r1 signature variant for did:key typed signatures. |
| packages/credential-sdk/src/types/did/onchain/typed-did/did-method-key/did-method-key-public-key.js | Adds secp256r1 public key variant and prefix handling for did:key. |
| packages/credential-sdk/src/types/did/onchain/did-key.js | Adds secp256r1 DID key variant and includes it in signing relationships. |
| packages/credential-sdk/src/types/did/onchain/constants.js | Adds secp256r1 did:key byte prefix and related constants. |
| packages/credential-sdk/src/types/did/document/verification-method.js | Maps secp256r1 verification method type to PublicKeySecp256r1. |
| packages/credential-sdk/src/types/did/document/verification-method-type.js | Adds secp256r1 verification method type variant. |
| packages/credential-sdk/src/keypairs/keypair-secp256r1.js | New Secp256r1Keypair implementation (sign/verify + DER conversion). |
| packages/credential-sdk/src/keypairs/index.js | Exports Secp256r1Keypair. |
| packages/credential-sdk/package.json | Bumps credential SDK version to 0.55.0. |
| packages/credential-sdk/CHANGELOG.md | Documents the new “secp256r1 key support” release. |
| packages/cheqd-blockchain-modules/package.json | Bumps package to 5.0.0 and updates peer/dev dependency on credential-sdk 0.55.0. |
| packages/cheqd-blockchain-modules/CHANGELOG.md | Notes dependency update for 5.0.0 release. |
| packages/cheqd-blockchain-api/package.json | Bumps package to 5.0.0 and updates peer/dev dependency on credential-sdk 0.55.0. |
| packages/cheqd-blockchain-api/CHANGELOG.md | Notes dependency update for 5.0.0 release. |
| examples/package.json | Bumps examples package and dependency versions to consume new releases. |
| examples/CHANGELOG.md | Notes dependency updates for examples package. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+29
to
+36
| let activeKeypairClass = Secp256k1Keypair; | ||
|
|
||
| describe.each([Secp256k1Keypair, Secp256r1Keypair])( | ||
| 'Composite claim soundness checker (%s)', | ||
| (KeypairClass) => { | ||
| beforeAll(() => { | ||
| activeKeypairClass = KeypairClass; | ||
| }); |
|
|
||
| ## 5.0.0 | ||
|
|
||
| ### Patch Changes |
|
|
||
| ## 5.0.0 | ||
|
|
||
| ### Patch Changes |
| } | ||
|
|
||
| throw new Error( | ||
| `Unsupported signature encoding for ${EcdsaSecp256r1VerKeyName}`, |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.