# π `@originvault/ov-id-sdk` (in alpha)
**Decentralized Identity SDK for OriginVault**
`@originvault/ov-id-sdk` a TypeScript SDK for decentralized identity (DID) management, verifiable credential (VC) signing and verification, and cryptographic commit signing. It enables secure DID operations, private key management, W3C-compliant credential handling, and signed commits/releases with verifiable metadata.
πΉ Features
- β
DID Creation & Import β Generate or restore did:cheqd and did:vda identities
- β
Secure Key Storage β Encrypt and store private keys securely, retrieve when needed
- β
Primary DID Management β Set and retrieve the default DID for signing credentials
- β
Verifiable Credential Signing & Verification β Issue & verify W3C-compliant credentials
- β
Cryptographic Release Signing β Sign and verify Git software releases using DID credentials
- β
Development Environment Metadata β Capture system & package metadata for auditability
- β
Web5 Trust Layer Integration β Designed for OriginVaultβs decentralized identity and verification ecosystem
---
## π¦ Installation
```bash
npm install @originvault/ov-id-sdk
```
## [Example Release Cert](https://github.com/OriginVault/ov-id-sdk/blob/main/.my-certificates/@originvault/ov-id-sdk-0.0.1-alpha.23-2025-03-03T05%EF%80%BA14%EF%80%BA01.454Z.json)
---
## π Quick Start
### **1οΈβ£ Create or Import a DID**
```typescript
import { createDID, importDID } from "@originvault/ov-id-sdk";
import { userStore } from "@originvault/ov-id-sdk";
// β
Create a new DID
const { agent } = await userStore.initialize();
const publisherDID = await userStore.getPrimaryDID();
const { did } = await createDID({ method: "cheqd", agent, publisherDID});
console.log("New DID:", did);
// Optional: Set the new DID as the primary DID & customize the alias
const { agent } = await userStore.initialize();
const publisherDID = await userStore.getPrimaryDID();
const { did } = await createDID({
method: "cheqd",
agent,
publisherDID,
isPrimary: true,
alias: "did:cheqd:mainnet:1234"
});
console.log("New DID:", did);
// β
Import an existing DID from a mnemonic
const importedDID = await importDID("your mnemonic phrase here", "cheqd");
console.log("Imported DID:", importedDID);
```
---
### **2οΈβ£ Securely Store & Retrieve a Private Key**
```typescript
import { storePrivateKey, retrievePrivateKey } from "@originvault/ov-id-sdk";
// β
Store a private key securely
await storePrivateKey("did:cheqd:mainnet:1234", "your-private-key");
// β
Retrieve the private key when needed
const privateKey = await retrievePrivateKey("did:cheqd:mainnet:1234");
console.log("Retrieved Private Key:", privateKey);
```
---
### **3οΈβ£ Set & Get a Primary DID for Signing**
```typescript
import { setPrimaryDID, getPrimaryDID } from "@originvault/ov-id-sdk";
// β
Set a primary DID
await setPrimaryDID("did:cheqd:mainnet:1234");
// β
Get the primary DID (for signing operations)
const primaryDID = await getPrimaryDID();
console.log("Primary DID:", primaryDID);
```
---
### **4οΈβ£ Sign & Verify Verifiable Credentials**
```typescript
import { signVC, verifyVC } from "@originvault/ov-id-sdk";
// β
Sign a Verifiable Credential
const vcJwt = await signVC("did:cheqd:mainnet:1234", "subject-id");
console.log("Signed VC:", vcJwt);
// β
Verify a Verifiable Credential
const isValid = await verifyVC(vcJwt);
console.log("VC Verification:", isValid);
```
---
### **5οΈβ£ Sign Releases**
```typescript
import { parentStore, signRelease } from "@originvault/ov-id-sdk";
// β
Self-sign a release
const { signRelease: signParentRelease } = await parentStore.initialize();
await signRelease(parentStore) || await signParentRelease();
console.log("Latest release signed successfully. Ready to publish.");
```
---
### **7οΈβ£ Get Development Environment Metadata**
```typescript
import { getEnvironmentMetadata } from "@originvault/ov-id-sdk";
// β
Get development environment metadata
const packageJsonPath = path.join(__dirname, '../package.json');
const environment = getEnvironmentMetadata(packageJsonPath);
console.log("Development Environment:", environment);
```
## π Configuration
| **Environment Variable** | **Description** |
|------------------|-----------------------------------------------|
| `COMMIT_HASH` | (Optional) Commit hash to sign |
| `COSMOS_PAYER_SEED` | (Optional) Cosmos payer seed |
| `CHEQD_RPC_URL` | (Optional) Cheqd RPC URL |
| `ENCRYPTION_KEY` | (Optional if key can be shared through the terminal) Encryption key for private keys |
---
## π Built With
- **[Cheqd DID SDK](https://docs.cheqd.io/)** β DID creation & verification
- **[Veramo](https://veramo.io/)** β Web5-native identity agent
- **[W3C Verifiable Credentials](https://www.w3.org/TR/vc-data-model/)** β Open trust standards
- **[Polkadot Keyring](https://polkadot.js.org/docs/api/start/keyring/)** β Secure, in-memory key management for DIDs
---
## π License
`@originvault/ov-id-sdk` is licensed under **MIT**.
---
## π Next Steps
- [ ] Add **multi-user key management**
- [ ] Support **additional DID methods**
- [ ] Provide **browser-compatible secure storage**
---
### **π Contributors & Feedback**
If you have suggestions or want to contribute, open an issue or pull request on [GitHub](https://github.com/originvault/ov-id-sdk).
π **Now, `ov-id-sdk` is ready to power decentralized identity in Web5!**