🚀 `@originvault/ov-id-sdk` (in alpha)

Decentralized Identity SDK for OriginVault

@originvault/ov-id-sdk a TypeScript SDK for decentralized identity (DID) management, verifiable credential (VC) signing and verification, and cryptographic commit signing. It enables secure DID operations, private key management, W3C-compliant credential handling, and signed commits/releases with verifiable metadata.

🔹 Features

✅ DID Creation & Import → Generate or restore did:cheqd and did:vda identities
✅ Secure Key Storage → Encrypt and store private keys securely, retrieve when needed
✅ Primary DID Management → Set and retrieve the default DID for signing credentials
✅ Verifiable Credential Signing & Verification → Issue & verify W3C-compliant credentials
✅ Cryptographic Release Signing → Sign and verify Git software releases using DID credentials
✅ Development Environment Metadata → Capture system & package metadata for auditability
✅ Web5 Trust Layer Integration → Designed for OriginVault’s decentralized identity and verification ecosystem

📦 Installation

npm install @originvault/ov-id-sdk

Example Release Cert

🚀 Quick Start

1️⃣ Create or Import a DID

import { createDID, importDID } from "@originvault/ov-id-sdk";
import { userStore } from "@originvault/ov-id-sdk";

// ✅ Create a new DID
const { agent } = await userStore.initialize();
const publisherDID = await userStore.getPrimaryDID();
const { did } = await createDID({ method: "cheqd", agent, publisherDID});

console.log("New DID:", did);

// Optional: Set the new DID as the primary DID & customize the alias
const { agent } = await userStore.initialize();
const publisherDID = await userStore.getPrimaryDID();

const { did } = await createDID({ 
      method: "cheqd", 
      agent, 
      publisherDID, 
      isPrimary: true, 
      alias: "did:cheqd:mainnet:1234"
});

console.log("New DID:", did);

// ✅ Import an existing DID from a mnemonic
const importedDID = await importDID("your mnemonic phrase here", "cheqd");
console.log("Imported DID:", importedDID);

2️⃣ Securely Store & Retrieve a Private Key

import { storePrivateKey, retrievePrivateKey } from "@originvault/ov-id-sdk";

// ✅ Store a private key securely
await storePrivateKey("did:cheqd:mainnet:1234", "your-private-key");

// ✅ Retrieve the private key when needed
const privateKey = await retrievePrivateKey("did:cheqd:mainnet:1234");
console.log("Retrieved Private Key:", privateKey);

3️⃣ Set & Get a Primary DID for Signing

import { setPrimaryDID, getPrimaryDID } from "@originvault/ov-id-sdk";

// ✅ Set a primary DID
await setPrimaryDID("did:cheqd:mainnet:1234");

// ✅ Get the primary DID (for signing operations)
const primaryDID = await getPrimaryDID();
console.log("Primary DID:", primaryDID);

4️⃣ Sign & Verify Verifiable Credentials

import { signVC, verifyVC } from "@originvault/ov-id-sdk";

// ✅ Sign a Verifiable Credential
const vcJwt = await signVC("did:cheqd:mainnet:1234", "subject-id");
console.log("Signed VC:", vcJwt);

// ✅ Verify a Verifiable Credential
const isValid = await verifyVC(vcJwt);
console.log("VC Verification:", isValid);

5️⃣ Sign Releases

import { parentStore, signRelease } from "@originvault/ov-id-sdk";

// ✅ Self-sign a release
const { signRelease: signParentRelease } = await parentStore.initialize();
await signRelease(parentStore) || await signParentRelease();

console.log("Latest release signed successfully. Ready to publish.");

7️⃣ Get Development Environment Metadata

import { getEnvironmentMetadata } from "@originvault/ov-id-sdk";

// ✅ Get development environment metadata
const packageJsonPath = path.join(__dirname, '../package.json');
const environment = getEnvironmentMetadata(packageJsonPath);
console.log("Development Environment:", environment);

🛠 Configuration

Environment Variable	Description
`COMMIT_HASH`	(Optional) Commit hash to sign
`COSMOS_PAYER_SEED`	(Optional) Cosmos payer seed
`CHEQD_RPC_URL`	(Optional) Cheqd RPC URL
`ENCRYPTION_KEY`	(Optional if key can be shared through the terminal) Encryption key for private keys

🏗 Built With

Cheqd DID SDK → DID creation & verification
Veramo → Web5-native identity agent
W3C Verifiable Credentials → Open trust standards
Polkadot Keyring → Secure, in-memory key management for DIDs

📜 License

@originvault/ov-id-sdk is licensed under MIT.

🚀 Next Steps

[ ] Add multi-user key management
[ ] Support additional DID methods
[ ] Provide browser-compatible secure storage

🌟 Contributors & Feedback

If you have suggestions or want to contribute, open an issue or pull request on GitHub.

🚀 Now, ov-id-sdk is ready to power decentralized identity in Web5!