crowd-funder-for-time-pwa/test-scripts/new_flow.sh

#!/bin/bash

# DID Creation and Registration Flow
# @author Matthew Raymer
#
# This script implements the creation and registration of Decentralized Identifiers (DIDs)
# with the endorser.ch service. It matches the Python and TypeScript implementations.
#
# Flow:
# 1. Generate or load mnemonic seed phrase
# 2. Derive Ethereum keys and address
# 3. Create DID identifier
# 4. Initialize account
# 5. Create signed JWT
# 6. Register DID with endorser service

# Constants
API_SERVER=${ENDORSER_API_URL:-"https://test-api.endorser.ch"}
ENDORSER_DID="did:ethr:0x0000694B58C2cC69658993A90D3840C560f2F51F"
ENDORSER_PRIVATE_KEY="2b6472c026ec2aa2c4235c994a63868fc9212d18b58f6cbfe861b52e71330f5b"

# Create temporary directory for operations
TMPDIR=$(mktemp -d)
trap 'rm -rf "$TMPDIR"' EXIT

initialize_account() {
    # Generate or load mnemonic
    if [ ! -f "mnemonic.txt" ]; then
        # Generate 24-word mnemonic using Python
        python3 -c "
from eth_account.hdaccount import generate_mnemonic
print(generate_mnemonic(language='english'))
" > mnemonic.txt
    fi
    
    # Read and process mnemonic
    MNEMONIC=$(cat mnemonic.txt)
    
    # Derive address and keys using Python
    IDENTITY=$(python3 -c "
from eth_account import Account
from eth_keys import keys
import json

Account.enable_unaudited_hdwallet_features()
mnemonic = '$MNEMONIC'.strip()
account = Account.from_mnemonic(mnemonic)
address = account.address
private_key = account.key.hex()[2:]
pk = keys.PrivateKey(account.key)
public_key = pk.public_key.to_hex()[2:]

identity = {
    'did': f'did:ethr:{address}',
    'keys': [{
        'id': f'did:ethr:{address}#keys-1',
        'type': 'Secp256k1VerificationKey2018',
        'controller': f'did:ethr:{address}',
        'ethereumAddress': address,
        'publicKeyHex': public_key,
        'privateKeyHex': private_key
    }],
    'services': []
}
print(json.dumps(identity))
")

    echo "Account initialized:"
    echo "$IDENTITY" | jq .
    echo
    
    # Export for other functions
    export IDENTITY
}

create_endorser_jwt() {
    local did="$1"
    local private_key="$2"
    local payload="$3"
    local sub_did="$4"
    
    # Create JWT header and payload
    local now=$(date +%s)
    local exp=$((now + 3600))
    
    local header='{"typ":"JWT","alg":"ES256K"}'
    local jwt_payload=$(echo "$payload" | jq --arg iss "$did" \
        --arg iat "$now" \
        --arg exp "$exp" \
        '. + {iss: $iss, iat: ($iat|tonumber), exp: ($exp|tonumber)}')
    
    # Base64URL encode header and payload
    local header_b64=$(echo -n "$header" | base64 -w 0 | tr '/+' '_-' | tr -d '=')
    local payload_b64=$(echo -n "$jwt_payload" | base64 -w 0 | tr '/+' '_-' | tr -d '=')
    local message="$header_b64.$payload_b64"
    
    # Sign using Python eth_keys (matching TypeScript ES256K implementation)
    local signature=$(python3 -c "
from eth_keys import keys
import hashlib
import base64

private_key_bytes = bytes.fromhex('$private_key')
private_key = keys.PrivateKey(private_key_bytes)

message_hash = hashlib.sha256('$message'.encode()).digest()
signature = private_key.sign_msg_hash(message_hash)

signature_bytes = signature.r.to_bytes(32, 'big') + signature.s.to_bytes(32, 'big')
print(base64.urlsafe_b64encode(signature_bytes).decode().rstrip('='))
")
    
    echo "$message.$signature"
}

register() {
    local active_did="$1"
    
    echo "Endorser DID: $ENDORSER_DID"
    echo "Active DID: $active_did"
    
    # Create registration claim
    local vc_payload=$(cat <<EOF
{
    "vc": {
        "@context": ["https://www.w3.org/2018/credentials/v1"],
        "type": ["VerifiableCredential"],
        "credentialSubject": {
            "@context": "https://schema.org",
            "@type": "RegisterAction",
            "agent": {
                "identifier": "$ENDORSER_DID"
            },
            "participant": {
                "identifier": "$active_did"
            },
            "object": "endorser.ch",
            "endTime": $(( $(date +%s) + 7*24*60*60 ))
        }
    }
}
EOF
)

    echo "Registration Claim:"
    echo "$vc_payload" | jq .
    echo

    # Create and sign JWT
    local jwt_token=$(create_endorser_jwt "$ENDORSER_DID" "$ENDORSER_PRIVATE_KEY" "$vc_payload" "$active_did")
    
    echo "Generated JWT:"
    echo "$jwt_token"
    echo
    
    # Submit registration
    local response=$(curl -s -X POST "$API_SERVER/api/v2/claim" \
        -H "Content-Type: application/json" \
        -d "{\"jwtEncoded\": \"$jwt_token\"}")
    
    echo "Registration response:"
    echo "$response" | jq .
}

main() {
    initialize_account
    
    # Extract DID and private key from identity
    local active_did=$(echo "$IDENTITY" | jq -r .did)
    local private_key=$(echo "$IDENTITY" | jq -r .keys[0].privateKeyHex)
    
    # Register DID
    register "$active_did"
}

main "$@"
feat: add shell implementation of DID registration flow - Match Python/TypeScript implementations - Use consistent JWT signing approach - Maintain payload compatibility - Add detailed documentation 1 week ago			`#!/bin/bash`

			`# DID Creation and Registration Flow`
			`# @author Matthew Raymer`
			`#`
			`# This script implements the creation and registration of Decentralized Identifiers (DIDs)`
			`# with the endorser.ch service. It matches the Python and TypeScript implementations.`
			`#`
			`# Flow:`
			`# 1. Generate or load mnemonic seed phrase`
			`# 2. Derive Ethereum keys and address`
			`# 3. Create DID identifier`
			`# 4. Initialize account`
			`# 5. Create signed JWT`
			`# 6. Register DID with endorser service`

			`# Constants`
			`API_SERVER=${ENDORSER_API_URL:-"https://test-api.endorser.ch"}`
			`ENDORSER_DID="did:ethr:0x0000694B58C2cC69658993A90D3840C560f2F51F"`
			`ENDORSER_PRIVATE_KEY="2b6472c026ec2aa2c4235c994a63868fc9212d18b58f6cbfe861b52e71330f5b"`

			`# Create temporary directory for operations`
			`TMPDIR=$(mktemp -d)`
			`trap 'rm -rf "$TMPDIR"' EXIT`

			`initialize_account() {`
			`# Generate or load mnemonic`
			`if [ ! -f "mnemonic.txt" ]; then`
			`# Generate 24-word mnemonic using Python`
			`python3 -c "`
			`from eth_account.hdaccount import generate_mnemonic`
			`print(generate_mnemonic(language='english'))`
			`" > mnemonic.txt`
			`fi`

			`# Read and process mnemonic`
			`MNEMONIC=$(cat mnemonic.txt)`

			`# Derive address and keys using Python`
			`IDENTITY=$(python3 -c "`
			`from eth_account import Account`
			`from eth_keys import keys`
			`import json`

			`Account.enable_unaudited_hdwallet_features()`
			`mnemonic = '$MNEMONIC'.strip()`
			`account = Account.from_mnemonic(mnemonic)`
			`address = account.address`
			`private_key = account.key.hex()[2:]`
			`pk = keys.PrivateKey(account.key)`
			`public_key = pk.public_key.to_hex()[2:]`

			`identity = {`
			`'did': f'did:ethr:{address}',`
			`'keys': [{`
			`'id': f'did:ethr:{address}#keys-1',`
			`'type': 'Secp256k1VerificationKey2018',`
			`'controller': f'did:ethr:{address}',`
			`'ethereumAddress': address,`
			`'publicKeyHex': public_key,`
			`'privateKeyHex': private_key`
			`}],`
			`'services': []`
			`}`
			`print(json.dumps(identity))`
			`")`

			`echo "Account initialized:"`
			`echo "$IDENTITY" \| jq .`
			`echo`

			`# Export for other functions`
			`export IDENTITY`
			`}`

			`create_endorser_jwt() {`
			`local did="$1"`
			`local private_key="$2"`
			`local payload="$3"`
			`local sub_did="$4"`

			`# Create JWT header and payload`
			`local now=$(date +%s)`
			`local exp=$((now + 3600))`

			`local header='{"typ":"JWT","alg":"ES256K"}'`
			`local jwt_payload=$(echo "$payload" \| jq --arg iss "$did" \`
			`--arg iat "$now" \`
			`--arg exp "$exp" \`
			`'. + {iss: $iss, iat: ($iat\|tonumber), exp: ($exp\|tonumber)}')`

			`# Base64URL encode header and payload`
			`local header_b64=$(echo -n "$header" \| base64 -w 0 \| tr '/+' '_-' \| tr -d '=')`
			`local payload_b64=$(echo -n "$jwt_payload" \| base64 -w 0 \| tr '/+' '_-' \| tr -d '=')`
			`local message="$header_b64.$payload_b64"`

			`# Sign using Python eth_keys (matching TypeScript ES256K implementation)`
			`local signature=$(python3 -c "`
			`from eth_keys import keys`
			`import hashlib`
			`import base64`

			`private_key_bytes = bytes.fromhex('$private_key')`
			`private_key = keys.PrivateKey(private_key_bytes)`

			`message_hash = hashlib.sha256('$message'.encode()).digest()`
			`signature = private_key.sign_msg_hash(message_hash)`

			`signature_bytes = signature.r.to_bytes(32, 'big') + signature.s.to_bytes(32, 'big')`
			`print(base64.urlsafe_b64encode(signature_bytes).decode().rstrip('='))`
			`")`

			`echo "$message.$signature"`
			`}`

			`register() {`
			`local active_did="$1"`

			`echo "Endorser DID: $ENDORSER_DID"`
			`echo "Active DID: $active_did"`

			`# Create registration claim`
			`local vc_payload=$(cat <<EOF`
			`{`
			`"vc": {`
			`"@context": ["https://www.w3.org/2018/credentials/v1"],`
			`"type": ["VerifiableCredential"],`
			`"credentialSubject": {`
			`"@context": "https://schema.org",`
			`"@type": "RegisterAction",`
			`"agent": {`
			`"identifier": "$ENDORSER_DID"`
			`},`
			`"participant": {`
			`"identifier": "$active_did"`
			`},`
			`"object": "endorser.ch",`
			`"endTime": $(( $(date +%s) + 72460*60 ))`
			`}`
			`}`
			`}`
			`EOF`
			`)`

			`echo "Registration Claim:"`
			`echo "$vc_payload" \| jq .`
			`echo`

			`# Create and sign JWT`
			`local jwt_token=$(create_endorser_jwt "$ENDORSER_DID" "$ENDORSER_PRIVATE_KEY" "$vc_payload" "$active_did")`

			`echo "Generated JWT:"`
			`echo "$jwt_token"`
			`echo`

			`# Submit registration`
			`local response=$(curl -s -X POST "$API_SERVER/api/v2/claim" \`
			`-H "Content-Type: application/json" \`
			`-d "{\"jwtEncoded\": \"$jwt_token\"}")`

			`echo "Registration response:"`
			`echo "$response" \| jq .`
			`}`

			`main() {`
			`initialize_account`

			`# Extract DID and private key from identity`
			`local active_did=$(echo "$IDENTITY" \| jq -r .did)`
			`local private_key=$(echo "$IDENTITY" \| jq -r .keys[0].privateKeyHex)`

			`# Register DID`
			`register "$active_did"`
			`}`

			`main "$@"`