Aleo docs

docs/didkit-examples/core-functions-with-aleo.md

@@ -0,0 +1,126 @@
+---
+id: core-functions-with-aleo
+title: Core Functions with Aleo
+---
+
+## Introduction
+
+DIDKit also supports the use of Aleo accounts as verifiable credentials.
+
+This is an example shell script using all the core functions of DIDKit-CLI: key
+generation, credential/presentation issuance and verification.
+
+_Note 1: This script is meant to be in a DIDKit-CLI source directory. See the
+complete script below for setup details._
+
+_Note 2: Currently Aleo support is only available through the
+`feat/aleo-sig-pkh` branch of the ssi library. When building the DIDKit CLI the
+feature `ssi/aleosig` must also be enabled._
+
+### Start with a keypair
+
+The SSI library can generate an Aleo keypair as an example:
+
+```bash
+git clone https://github.com/spruceid/ssi
+cd ssi
+git checkout feat/aleo-sig-pkh
+cargo run --example genaleojwk --features=aleosig > aleokey.jwk
+```
+
+You can also provide the details of an existing Aleo account, although you will
+need to do some extra work for DIDKit to use it.
+
+The Aleo private JWK format used by DIDKit is non-standard. An example:
+
+```json
+{
+  "kty": "OKP",
+  "crv": "AleoTestnet1Key",
+  "x": "78_Jh_c7Fw46fX31xS9Ifdg_LeuabZ2p2aIl5fn9zw0",
+  "d": "f4a9dNLd0omQcg3SEajVHGqEqwFHDGD9yNc2xpzuiZ3sSJjIf5AnEYXWCQ"
+}
+```
+
+The format is as follows:
+
+- kty: "OKP"
+- crv: "AleoTestnet1Key"
+- x: An Aleo account address derived from the private key using Aleo Testnet1
+  parameters, as a Base64Url value (without the "aleo" prefix that appears in its
+  Base58 format)
+- d: An Aleo private key converted from Base58 (where it starts with
+  "APrivateKey1") to Base64Url value
+
+### Generate a DID:Key document
+
+This document gets wrapped around the keypair generated (or passed) in the
+previous step. For more context on the DID:key method, see the
+[specification](https://w3c-ccg.github.io/did-method-key/).
+
+```bash
+key=aleokey.jwk
+did=$(didkit key-to-did pkh:aleo -k $key)
+```
+
+### Prepare credential for issuing.
+
+Here, we'll issue an example credential (unsigned) and save it to a file. For
+more info about what these properties mean, see the Verifiable Credentials Data
+Model [specification](https://www.w3.org/TR/vc-data-model/).
+
+```bash
+cat > credential-unsigned.jsonld <<EOF 
+{
+       "@context": ["https://www.w3.org/2018/credentials/v1"],
+       "type": ["VerifiableCredential"],
+       "issuer": "$did",
+       "issuanceDate": "$issued",
+       "credentialSubject": {}
+}
+EOF
+```
+
+### Issue the verifiable credential.
+
+- We ask DIDKit to issue a verifiable credential using the given keypair file,
+  passing the unsigned credential on standard input.
+
+```bash
+didkit vc-issue-credential -k $key < credential-unsigned.jsonld \
+    > credential-signed.jsonld
+```
+
+### Verify a verifiable credential.
+
+- We pass the newly-issued signed verifiable credential back to didkit for
+  verification.
+
+```bash
+didkit vc-verify-credential < credential-signed.jsonld
+```
+
+### Appendix: whole script without comments
+
+```bash
+#!/bin/sh
+set -ex
+key=../ssi/tests/aleotestnet1-2021-11-22.json
+did=$(didkit key-to-did pkh:aleo -k $key)
+issued=$(date -uIsec)
+
+cat > credential-unsigned.jsonld <<EOF 
+{
+       "@context": ["https://www.w3.org/2018/credentials/v1"],
+       "type": ["VerifiableCredential"],
+       "issuer": "$did",
+       "issuanceDate": "$issued",
+       "credentialSubject": {}
+}
+EOF
+
+didkit vc-issue-credential -k $key < credential-unsigned.jsonld \
+    > credential-signed.jsonld
+
+didkit vc-verify-credential < credential-signed.jsonld
+```

docs/didkit-examples/index.md

@@ -5,20 +5,23 @@ slug: /didkit-examples/
 sidebar_title: Overview
 ---
 
-Coding is hard, and learning new tools is harder.  For those who learn best by example, we have heavily commented some snippets and examples.
+Coding is hard, and learning new tools is harder. For those who learn best by
+example, we have heavily commented some snippets and examples.
 
-|Tool|Example|
-|---|---|
-|DIDKit-CLI|[Core DID, VC, and VP functions (CLI)][]|
-|DIDKit-CLI|[Batch generation/verification][]|
-|DIDKit-HTTP|[Core DID, VC, and VP functions (HTTP)][]|
-|DIDKit-Java, Authentication, Tomcat, CHAPI|[Github](https://github.com/spruceid/didkit/tree/main/examples/java-jsp#readme)|
-|DIDKit-Java, Authentication, Maven, MySQL, Redis|[Github](https://github.com/spruceid/didkit/tree/main/examples/java-springboot#readme)|
-|DIDKit-Node (Wasm), Blockchain Indexer|[JS Code](https://github.com/spruceid/tzprofiles/blob/main/api/service/index.js)|
-|DIDKit-Node (Neon), Web Application, dApp|[JS Code](https://github.com/spruceid/tzprofiles/tree/main/dapp)|
-|DIDKit-Python, [Django web framework](https://www.djangoproject.com/)|[example in GitHub](https://github.com/spruceid/didkit/tree/main/examples/python_django)|
-|DIDKit-Python, [Flask web microframework](https://flask.palletsprojects.com/en/2.0.x/)|[example in GitHub](https://github.com/spruceid/didkit/tree/main/examples/python-flask/)|
+| Tool                                                                                   | Example                                                                                  |
+| -------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------- |
+| DIDKit-CLI                                                                             | [Core DID, VC, and VP functions (CLI)][Core DID, VC, and VP functions (CLI)]             |
+| DIDKit-CLI                                                                             | [Batch generation/verification][Batch generation/verification]                           |
+| DIDKit-CLI                                                                             | [Core functions using Aleo][Core functions using Aleo]                                   |
+| DIDKit-HTTP                                                                            | [Core DID, VC, and VP functions (HTTP)][Core DID, VC, and VP functions (HTTP)]           |
+| DIDKit-Java, Authentication, Tomcat, CHAPI                                             | [Github](https://github.com/spruceid/didkit/tree/main/examples/java-jsp#readme)          |
+| DIDKit-Java, Authentication, Maven, MySQL, Redis                                       | [Github](https://github.com/spruceid/didkit/tree/main/examples/java-springboot#readme)   |
+| DIDKit-Node (Wasm), Blockchain Indexer                                                 | [JS Code](https://github.com/spruceid/tzprofiles/blob/main/api/service/index.js)         |
+| DIDKit-Node (Neon), Web Application, dApp                                              | [JS Code](https://github.com/spruceid/tzprofiles/tree/main/dapp)                         |
+| DIDKit-Python, [Django web framework](https://www.djangoproject.com/)                  | [example in GitHub](https://github.com/spruceid/didkit/tree/main/examples/python_django) |
+| DIDKit-Python, [Flask web microframework](https://flask.palletsprojects.com/en/2.0.x/) | [example in GitHub](https://github.com/spruceid/didkit/tree/main/examples/python-flask/) |
 
 [Core DID, VC, and VP functions (CLI)]: didkit-examples/core-functions-in-bash.md
+[Core functions using Aleo]: didkit-examples/core-functions-with-aleo.md
 [Core DID, VC, and VP functions (HTTP)]: didkit-examples/core-functions-in-curl.md
 [Batch generation/verification]: didkit-examples/batch-generation.md

sidebars.js

@@ -29,6 +29,7 @@ module.exports = {
       'didkit-examples/overview', 
       'didkit-examples/core-functions-in-bash', 
       'didkit-examples/core-functions-in-curl', 
+      'didkit-examples/core-functions-with-aleo', 
       'didkit/did-web',
       'didkit-examples/batch-generation',
       'didkit-examples/java-springboot',