feat: sidetree longform method sets default update & recovery keys (#15)

Long-form DIDs don't need to ever use their update and recovery keys, since they don't go on a ledger, so it's safe to create keys fresh and throw away the private keys. Signed-off-by: Filip Burlacu <[email protected]>
trustbloc · Sep 14, 2023 · 4dc243c · 4dc243c
1 parent e0d5d36
commit 4dc243c
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 31 deletions.
diff --git a/method/sidetreelongform/vdr.go b/method/sidetreelongform/vdr.go
@@ -8,6 +8,8 @@ package sidetreelongform
 
 import (
 	"crypto"
+	"crypto/ed25519"
+	"crypto/rand"
 	"encoding/json"
 	"fmt"
 	"strings"
@@ -171,7 +173,7 @@ func (v *VDR) Close() error {
 
 // Create did doc.
 //
-//nolint:gocyclo
+//nolint:gocyclo,funlen
 func (v *VDR) Create(did *docdid.Doc,
 	opts ...vdrapi.DIDMethodOption) (*docdid.DocResolution, error) {
 	didMethodOpts := &vdrapi.DIDMethodOpts{Values: make(map[string]interface{})}
@@ -185,7 +187,12 @@ func (v *VDR) Create(did *docdid.Doc,
 
 	// get keys
 	if didMethodOpts.Values[UpdatePublicKeyOpt] == nil {
-		return nil, fmt.Errorf("updatePublicKey opt is empty")
+		updateKey, _, err := ed25519.GenerateKey(rand.Reader)
+		if err != nil {
+			return nil, fmt.Errorf("creating default update key: %w", err)
+		}
+
+		didMethodOpts.Values[UpdatePublicKeyOpt] = updateKey
 	}
 
 	updatePublicKey, ok := didMethodOpts.Values[UpdatePublicKeyOpt].(crypto.PublicKey)
@@ -194,7 +201,12 @@ func (v *VDR) Create(did *docdid.Doc,
 	}
 
 	if didMethodOpts.Values[RecoveryPublicKeyOpt] == nil {
-		return nil, fmt.Errorf("recoveryPublicKey opt is empty")
+		recoveryKey, _, err := ed25519.GenerateKey(rand.Reader)
+		if err != nil {
+			return nil, fmt.Errorf("creating default recovery key: %w", err)
+		}
+
+		didMethodOpts.Values[RecoveryPublicKeyOpt] = recoveryKey
 	}
 
 	recoveryPublicKey, ok := didMethodOpts.Values[RecoveryPublicKeyOpt].(crypto.PublicKey)

diff --git a/method/sidetreelongform/vdr_test.go b/method/sidetreelongform/vdr_test.go
@@ -238,12 +238,6 @@ func TestVDRI_Create(t *testing.T) {
 		v, err := New()
 		require.NoError(t, err)
 
-		recoveryKey, _, err := ed25519.GenerateKey(rand.Reader)
-		require.NoError(t, err)
-
-		updateKey, _, err := ed25519.GenerateKey(rand.Reader)
-		require.NoError(t, err)
-
 		testVM, err := createVerificationMethod(ed25519KeyType, pubKey, "abc", "Ed25519VerificationKey2020")
 		require.NoError(t, err)
 
@@ -255,8 +249,7 @@ func TestVDRI_Create(t *testing.T) {
 		simpleDoc.AssertionMethod = append(simpleDoc.AssertionMethod,
 			*ariesdid.NewReferencedVerification(testVM, ariesdid.AssertionMethod))
 
-		docResolution, err := v.Create(simpleDoc, vdrapi.WithOption(UpdatePublicKeyOpt, updateKey),
-			vdrapi.WithOption(RecoveryPublicKeyOpt, recoveryKey))
+		docResolution, err := v.Create(simpleDoc)
 		require.NoError(t, err)
 		require.NotEmpty(t, docResolution.DIDDocument.ID)
 
@@ -369,26 +362,6 @@ func TestVDRI_Create(t *testing.T) {
 
 		require.Contains(t, err.Error(), "verificationMethod needs either JSONWebKey or Base58 key")
 	})
-
-	t.Run("test update public key opt is empty", func(t *testing.T) {
-		v, err := New()
-		require.NoError(t, err)
-
-		doc, err := v.Create(didDoc, vdrapi.WithOption(RecoveryPublicKeyOpt, []byte{}))
-		require.Error(t, err)
-		require.Nil(t, doc)
-		require.Contains(t, err.Error(), "updatePublicKey opt is empty")
-	})
-
-	t.Run("test recovery public key opt is empty", func(t *testing.T) {
-		v, err := New()
-		require.NoError(t, err)
-
-		doc, err := v.Create(didDoc, vdrapi.WithOption(UpdatePublicKeyOpt, []byte{}))
-		require.Error(t, err)
-		require.Nil(t, doc)
-		require.Contains(t, err.Error(), "recoveryPublicKey opt is empty")
-	})
 }
 
 func TestVDRI_Update(t *testing.T) {