Skip to content

Feature/credential selection #423

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
rmlearney-digicatapult wants to merge 58 commits into
base: main
Choose a base branch
from
Open

Feature/credential selection #423

rmlearney-digicatapult wants to merge 58 commits into from

Conversation

@rmlearney-digicatapult
Copy link
Contributor

@rmlearney-digicatapult rmlearney-digicatapult commented Dec 11, 2025
edited
Loading

Pull Request

Checklist

  • Have you read Digital Catapult's Code of Conduct?
  • I have performed a self-review of my own code.
  • I have commented my code, particularly in hard-to-understand areas.
  • I have made corresponding changes to the documentation.
  • My changes generate no new warnings.
  • I have added tests that prove my fix is effective or that my feature works.
  • New and existing unit tests pass locally with my changes.

PR Type

Please delete options that are irrelevant.

  • Feature
  • Documentation Update

Linked tickets

High level description

Updated ProofController to accept credential selection when presenting a proof rather than trusting the agent to pick the one from the top of the list

Updated the ProofController with an endpoint to retrieve the proof content

Detailed description

AI-assisted PR.

New API Capability: The POST /proofs/{proofRecordId}/accept-request endpoint now accepts a simplified proofFormats object in the body. This allows callers to specify exactly which credentialId should satisfy each attribute or predicate in a proof request

New proposalMessage endpoint: added GET /proofs/:proofRecordId/content to retrieve the formatted proof content for a specific proofRecord

Hydration Logic: Implemented logic in the ProofController to "hydrate" these simplified selection requests into the complex protocol-specific formats required by Credo-TS (e.g. anoncreds proof structures)

Validation: Added strict validation to ensure requested credentials exist and match the proof requirements, returning 400 Bad Request for malformed requests and 404 Not Found for missing credentials

Type Safety: Refactored the ProofController and associated tests to remove any casts, significantly improving type safety and maintainability

Tests: Unit test coverage for all new functionality

Documentation:
Added comprehensive documentation in explicit-credential-selection.md detailing the new workflow and payload structures

Describe alternatives you've considered

No changes, allowing the agent to just automatically choose which credentials to use for proofs from the 'top of the pile'

Operational impacte

Allowing the verifying agent to select which fields they want to be proven

Allowing the proving agent to select which credentials to use for proof, selecting from multiple credentials and composing multiple credentials to generate proofs

Additional context

@rmlearney-digicatapult
feat: implement explicit credential selection in proof controller
94824ca 
- Refactor ProofController.acceptRequest to support simplified proof formats
- Add hydration logic to convert simplified formats to full Credo-TS formats
- Add validation for simplified formats (400 Bad Request)
- Add error handling for missing credentials (404 Not Found)
- Export ProofFormats type in types.ts
- Update unit tests to verify new logic and remove any casts
- Add documentation for explicit credential selection
- Update README with link to new docs
- Update maker script to support credential selection
@rmlearney-digicatapult
version bump
e4fc1c0
@rmlearney-digicatapult
one-liner
c7b0da4
@rmlearney-digicatapult
chore: update integration test instructions to match README
2160443
Copilot AI review requested due to automatic review settings December 11, 2025 14:16
@rmlearney-digicatapult rmlearney-digicatapult requested a review from a team as a code owner December 11, 2025 14:16
Copilot AI reviewed Dec 11, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR introduces explicit credential selection for proof requests, allowing API clients to specify which credentials should be used when responding to proof requests rather than relying on automatic selection. The implementation adds a simplified API format that gets hydrated into the complex Credo TS proof format, reducing client-side complexity.

Key Changes

  • New API capability: POST /v1/proofs/{proofRecordId}/accept-request now accepts optional simplified proofFormats with just credentialId and revealed fields
  • Hydration logic: Controller automatically enriches simplified format with full credential metadata from Credo TS wallet
  • Script enhancement: maker-accept-proof-from-oem.ts updated to support credential selection via CLI argument

Reviewed changes

Copilot reviewed 8 out of 9 changed files in this pull request and generated 9 comments.

Show a summary per file
File Description
src/controllers/v1/proofs/ProofController.ts Implements three-path logic (auto-select/hydrate/pass-through) with hydration loops for attributes and predicates, plus type guard for format detection
src/controllers/types.ts Adds SimpleProofFormats interface and exports ProofFormats type, extends AcceptProofRequestOptions with new proofFormats field
tests/unit/proof.test.ts Adds single happy-path test for simplified credential selection, validates hydration output structure
scripts/maker-accept-proof-from-oem.ts Adds --credential-id CLI parameter, constructs simplified proofFormats from proof request message
docs/explicit-credential-selection.md Comprehensive new documentation explaining the feature, API usage, three-path logic, and example scenario
README.md Minor formatting fixes (code blocks, links), adds reference to new documentation, fixes typo
docker-compose-integration-tests.yml Updates comments with NODE_EXTRA_CA_CERTS setup instructions, adds environment variable to test service
package.json, package-lock.json Version bump from 0.16.13 to 0.16.14

rmlearney-digicatapult and others added 4 commits December 11, 2025 14:58
@rmlearney-digicatapult
Update src/controllers/v1/proofs/ProofController.ts
e19e478 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@rmlearney-digicatapult
Update src/controllers/v1/proofs/ProofController.ts
770c1a7 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@rmlearney-digicatapult
Update src/controllers/v1/proofs/ProofController.ts
938342c 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@rmlearney-digicatapult
Update src/controllers/v1/proofs/ProofController.ts
1d625be 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Copilot AI mentioned this pull request Dec 11, 2025
Closed
Copy link

Copilot AI commented Dec 11, 2025

@rmlearney-digicatapult I've opened a new pull request, #424, to work on those changes. Once the pull request is ready, I'll request review from you.

rmlearney-digicatapult and others added 4 commits December 11, 2025 15:01
@rmlearney-digicatapult
Update README.md
5ef7855 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@rmlearney-digicatapult
Update src/controllers/v1/proofs/ProofController.ts
b805fd3 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@rmlearney-digicatapult
fix: enhance proof controller validation, logging and tests
568a7e1 
- Fix TypeScript errors in ProofController hydration logic
- Downgrade sensitive credential logging to debug level
- Add extensive unit tests for ProofController edge cases and security checks
@rmlearney-digicatapult
refactor: secure logging and remove unused endpoint
ae33840 
- Redact sensitive credential data from ProofController logs
- Remove temporary /credentials endpoint
- Improve type safety in redaction logic (remove any)
Copilot AI reviewed Dec 11, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 8 out of 9 changed files in this pull request and generated 9 comments.

dblane-digicatapult
dblane-digicatapult reviewed Dec 11, 2025
View reviewed changes
rmlearney-digicatapult and others added 7 commits December 11, 2025 19:10
@rmlearney-digicatapult
install latest versions of npm in dockerfile
c298134
@rmlearney-digicatapult
Update src/controllers/v1/proofs/ProofController.ts
f10d2ef 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@rmlearney-digicatapult
Update docs/explicit-credential-selection.md
6ef2729 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@rmlearney-digicatapult @dblane-digicatapult
Update package.json
4015034 
Co-authored-by: David Blane <32327139+dblane-digicatapult@users.noreply.github.com>
@rmlearney-digicatapult
version bump
2dd1365
@rmlearney-digicatapult
refactor(proofs): optimize validation and redaction in acceptRequest
bc56fbf
@rmlearney-digicatapult
refactor(proofs): remove any type usage in acceptRequest
cccac33
@rmlearney-digicatapult
Copy link
Contributor Author

rmlearney-digicatapult commented Dec 12, 2025

@copilot re-review. ignore maker-accept-proof-from-oem.ts and redactProofFormats method redacts credentialInfo and value fields for logging, but the credentialId itself is not redacted

Copy link

Copilot AI commented Dec 12, 2025

@rmlearney-digicatapult I've opened a new pull request, #428, to work on those changes. Once the pull request is ready, I'll request review from you.

Copilot AI mentioned this pull request Dec 12, 2025
Closed
@rmlearney-digicatapult
fix test expectation text
46d24e9
@rmlearney-digicatapult
refactor(proofs): separate proof content from record endpoint
c2e1302 
- Add GET /:proofRecordId/content to return proof format data
- Remove legacy getProposalMessage endpoint
- Update unit tests
@rmlearney-digicatapult
Merge branch 'main' into feature/credential-selection
a882a3e
@rmlearney-digicatapult
Merge main into feature/credential-selection: keep v0.17.0 but accept…
4585917 
… dependency updates
@rmlearney-digicatapult
Refactor ProofController, improve types, and add webhook noise reduction
66c3a56 
- Refactor ProofController to use strict types and helper methods
- Update ProofController tests to cover new logic and remove 'any' types
- Add tests for proof content simplification and includeContent
- Filter out redundant proof state change events in ProofEvents
- Add tests for webhook noise reduction
@rmlearney-digicatapult
Update explicit credential selection docs with new endpoints
18c194d
@rmlearney-digicatapult
feat: enhance proof controller error messages and update tests for ex…
622650c 
…plicit credential selection
@rmlearney-digicatapult
linting
8eafe6a
@rmlearney-digicatapult
docker-compose-testnet one liner
b18ae55
@rmlearney-digicatapult
fix: resolve integration test failures and 500 error in ProofController
0a0c0b9 
- Fix 500 error in ProofController by adding null check for availableAnonCreds
- Update e2e test to filter credentials by connectionId to avoid stale data
- Update e2e test to use correct credentialRecordId from nested structure
- Configure Bob agent to never auto-accept credentials to enable manual acceptance testing
@rmlearney-digicatapult
docs: add client-side helper example for credential selection
3a43b83
@rmlearney-digicatapult
change log levels
9c44a87
@rmlearney-digicatapult
improve documentation
c74456d
@rmlearney-digicatapult
fix(test): correct getCredentialsForRequest mock structure in proof u…
8a98f33 
…nit tests
@rmlearney-digicatapult
linting
a6920ad
@rmlearney-digicatapult
fix(test): add polling and increase timeout for flaky proof verificat…
c3c83e5 
…ion test
@rmlearney-digicatapult
increase timeout for flaky IPFS test
881e2d6
@rmlearney-digicatapult
Merge branch 'main' into feature/credential-selection
08e43b7
@rmlearney-digicatapult
refactor(scripts): make CLI parameters optional and improve workflow …
524d998 
…automation

- Update `register-schema.ts` to default to `makeAuthorisation.json`.
- Update `issue-credential.ts` to auto-lookup the latest credential definition.
- Update `maker-connect-to-oem.ts` to auto-lookup the latest holder credential.
- Update `oem-accept-connection.ts` to auto-accept pending connections.
- Update `maker-propose-proof-to-oem.ts` to disable auto-accept proof, enabling manual response flow.
- Add `maker-accept-credential.ts` for credential acceptance.
- Replace `maker-accept-proof-from-oem.ts` with `maker-respond-proof-request.ts` for robust proof handling.
@rmlearney-digicatapult
renames
f168f01
@rmlearney-digicatapult
remove script dependency from e2e test
b8c69bf
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dblane-digicatapult dblane-digicatapult dblane-digicatapult left review comments

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@rmlearney-digicatapult @dblane-digicatapult