fix: correct CESR encoding

Author: bordumb

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auths-dev/verify",
-  "version": "0.2.5",
+  "version": "0.2.7",
   "description": "Drop-in <auths-verify> web component for decentralized commit verification",
   "type": "module",
   "main": "dist/auths-verify.mjs",

src/auths-verify.ts

@@ -23,6 +23,7 @@ class AuthsVerify extends HTMLElement {
   #report: VerificationReport | null = null;
   #debounceTimer: ReturnType<typeof setTimeout> | null = null;
   #detailOpen = false;
+  #verifying = false;
   #shadow: ShadowRoot;
 
   constructor() {
@@ -56,8 +57,8 @@ class AuthsVerify extends HTMLElement {
       return;
     }
 
-    // Data attributes changed — re-verify if auto
-    if (this.autoVerify && this.isConnected && this.#hasInput()) {
+    // Data attributes changed — re-verify if auto (but not while already verifying)
+    if (this.autoVerify && this.isConnected && !this.#verifying && this.#hasInput()) {
       this.#scheduleVerify();
     }
   }
@@ -148,6 +149,7 @@ class AuthsVerify extends HTMLElement {
     }
 
     this.#setState('loading');
+    this.#verifying = true;
 
     try {
       // If repo is set but attestation data is missing, resolve from forge
@@ -207,6 +209,8 @@ class AuthsVerify extends HTMLElement {
           detail: { error: err instanceof Error ? err.message : String(err) },
         }),
       );
+    } finally {
+      this.#verifying = false;
     }
   }
 

src/resolvers/did-utils.ts

@@ -68,21 +68,22 @@ export function didKeyToPublicKeyHex(didKey: string): string {
 /**
  * Decode a CESR-encoded Ed25519 public key to hex.
  *
- * CESR uses a 1-char type code prefix that replaces base64 padding.
- * For Ed25519 keys: prefix 'D', total 44 chars.
- * To decode: replace prefix with 'A' (zero byte), base64url-decode → 33 bytes,
- * skip first byte, remaining 32 bytes are the raw key.
+ * CESR uses a 1-char type code prefix. For Ed25519 keys: prefix 'D', total 44 chars.
+ * To decode: strip the prefix, base64url-decode the remaining 43 chars (with padding)
+ * to get the raw 32-byte key. This matches the Rust `KeriPublicKey::parse` implementation.
  */
 export function cesrToPublicKeyHex(cesr: string): string {
   if (cesr.length !== 44 || cesr[0] !== 'D') {
     throw new Error(`Expected 44-char CESR Ed25519 key (D prefix), got: ${cesr}`);
   }
-  const b64url = 'A' + cesr.slice(1);
-  const b64 = b64url.replace(/-/g, '+').replace(/_/g, '/');
+  // Strip the 'D' prefix, decode the remaining 43 base64url chars
+  const payload = cesr.slice(1);
+  // Convert base64url to standard base64 and add padding (43 % 4 = 3 → 1 '=')
+  const b64 = payload.replace(/-/g, '+').replace(/_/g, '/') + '=';
   const binary = atob(b64);
-  const bytes = new Uint8Array(32);
-  for (let i = 0; i < 32; i++) {
-    bytes[i] = binary.charCodeAt(i + 1);
+  const bytes = new Uint8Array(binary.length);
+  for (let i = 0; i < binary.length; i++) {
+    bytes[i] = binary.charCodeAt(i);
   }
   return bytesToHex(bytes);
 }

src/verifier-bridge.ts

@@ -14,9 +14,9 @@ let initPromise: Promise<void> | null = null;
 let wasmModule: WasmModule | null = null;
 
 interface WasmModule {
-  default: (input?: BufferSource | string) => Promise<void>;
-  verifyAttestationWithResult(attestationJson: string, issuerPkHex: string): string;
-  verifyChainJson(attestationsJsonArray: string, rootPkHex: string): string;
+  default?: (input?: BufferSource | string) => Promise<void>;
+  verifyAttestationWithResult(attestationJson: string, issuerPkHex: string): string | Promise<string>;
+  verifyChainJson(attestationsJsonArray: string, rootPkHex: string): string | Promise<string>;
 }
 
 function isInlined(): boolean {
@@ -27,17 +27,18 @@ async function loadWasm(wasmUrl?: string): Promise<void> {
   // Dynamic import of the WASM JS glue — path resolved by Vite alias
   const wasm: WasmModule = await import(/* @vite-ignore */ 'auths-verifier-wasm');
 
-  if (isInlined()) {
-    // Decode base64-inlined WASM and initialize from buffer
-    const binary = Uint8Array.from(atob(INLINE_WASM_BASE64!), c => c.charCodeAt(0));
-    await wasm.default(binary);
-  } else if (wasmUrl) {
-    // Fetch WASM from explicit URL
-    await wasm.default(wasmUrl);
-  } else {
-    // Default: let wasm-bindgen resolve the .wasm file relative to the JS glue
-    await wasm.default();
+  if (typeof wasm.default === 'function') {
+    // Module requires explicit initialization (slim build or dev mode)
+    if (isInlined()) {
+      const binary = Uint8Array.from(atob(INLINE_WASM_BASE64!), c => c.charCodeAt(0));
+      await wasm.default(binary);
+    } else if (wasmUrl) {
+      await wasm.default(wasmUrl);
+    } else {
+      await wasm.default();
+    }
   }
+  // If no .default export, WASM was auto-initialized by vite-plugin-wasm (ESM direct import)
 
   wasmModule = wasm;
 }
@@ -66,7 +67,7 @@ export async function verifyAttestation(
 ): Promise<VerificationResult> {
   await ensureInit();
   try {
-    const resultJson = wasmModule!.verifyAttestationWithResult(attestationJson, issuerPublicKeyHex);
+    const resultJson = await wasmModule!.verifyAttestationWithResult(attestationJson, issuerPublicKeyHex);
     return JSON.parse(resultJson) as VerificationResult;
   } catch (error) {
     return {
@@ -89,7 +90,7 @@ export async function verifyChain(
   );
 
   try {
-    const reportJson = wasmModule!.verifyChainJson(attestationsJson, rootPublicKeyHex);
+    const reportJson = await wasmModule!.verifyChainJson(attestationsJson, rootPublicKeyHex);
     return JSON.parse(reportJson) as VerificationReport;
   } catch (error) {
     return {

tests/resolvers/did-utils.test.ts

@@ -1,5 +1,9 @@
 import { describe, it, expect } from 'vitest';
-import { didKeyToPublicKeyHex, sanitizeDidForRef } from '../../src/resolvers/did-utils';
+import {
+  cesrToPublicKeyHex,
+  didKeyToPublicKeyHex,
+  sanitizeDidForRef,
+} from '../../src/resolvers/did-utils';
 
 describe('didKeyToPublicKeyHex', () => {
   it('should extract Ed25519 public key from did:key:z...', () => {
@@ -28,6 +32,32 @@ describe('didKeyToPublicKeyHex', () => {
   });
 });
 
+describe('cesrToPublicKeyHex', () => {
+  it('decodes CESR Ed25519 key matching Rust KeriPublicKey::parse', () => {
+    // Real test vector from identity E6IXlw5-lnX88r3WZCt3u1qyN_Xlq7nQjtoTmuOfMIjI
+    // CESR key from state.json current_keys[0]
+    const cesr = 'D1P_LPk3v4aTOxFMeLJq55lsPL5-i_BhRfIn27APru2Q';
+    // Expected: Rust KeriPublicKey::parse strips D, base64url-decodes 43 chars → 32 bytes
+    const expected = 'd4ffcb3e4defe1a4cec4531e2c9ab9e65b0f2f9fa2fc18517c89f6ec03ebbb64';
+    expect(cesrToPublicKeyHex(cesr)).toBe(expected);
+  });
+
+  it('decodes all-zero key correctly', () => {
+    // Rust: KeriPublicKey::parse("DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA") → [0u8; 32]
+    const cesr = 'DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA';
+    const expected = '0'.repeat(64);
+    expect(cesrToPublicKeyHex(cesr)).toBe(expected);
+  });
+
+  it('rejects non-D prefix', () => {
+    expect(() => cesrToPublicKeyHex('X' + 'A'.repeat(43))).toThrow('Expected 44-char CESR');
+  });
+
+  it('rejects wrong length', () => {
+    expect(() => cesrToPublicKeyHex('DAAA')).toThrow('Expected 44-char CESR');
+  });
+});
+
 describe('sanitizeDidForRef', () => {
   it('should replace colons with underscores', () => {
     expect(sanitizeDidForRef('did:keri:EOrg123')).toBe('did_keri_EOrg123');

tests/verifier-bridge-regression.test.ts

@@ -0,0 +1,114 @@
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+
+/**
+ * Regression tests for verifier-bridge.
+ *
+ * These test the REAL verifier-bridge source against a mocked WASM module,
+ * unlike verifier-bridge.test.ts which mocks the entire bridge.
+ *
+ * Covers:
+ *   - Bug #1: loadWasm crashes when WASM module has no .default() export
+ *             (auto-initialized by vite-plugin-wasm)
+ *   - Bug #2: WASM functions return Promises but were not awaited,
+ *             causing JSON.parse(Promise) → SyntaxError
+ */
+
+const mockVerifyAttestationWithResult = vi.fn();
+const mockVerifyChainJson = vi.fn();
+
+// Mock the underlying WASM module — NOT the bridge itself.
+// This exercises the real verifier-bridge logic.
+vi.mock('auths-verifier-wasm', () => ({
+  // Explicitly set default to undefined — simulates vite-plugin-wasm
+  // auto-initialized module that has no init function.
+  default: undefined,
+  verifyAttestationWithResult: mockVerifyAttestationWithResult,
+  verifyChainJson: mockVerifyChainJson,
+}));
+
+// Import the REAL verifier-bridge (it will dynamically import our mock above)
+import { ensureInit, verifyAttestation, verifyChain } from '../src/verifier-bridge';
+
+describe('verifier-bridge regressions', () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+  });
+
+  describe('Bug #1: WASM module without .default export', () => {
+    it('ensureInit succeeds when module has no .default()', async () => {
+      // vite-plugin-wasm auto-initializes WASM and produces a module
+      // without .default(). Before the fix, this threw:
+      //   TypeError: wasm.default is not a function
+      await expect(ensureInit()).resolves.toBeUndefined();
+    });
+  });
+
+  describe('Bug #2: async WASM functions must be awaited', () => {
+    it('verifyChain awaits a Promise-returning verifyChainJson', async () => {
+      // WASM functions compiled with async Rust return Promises via externref.
+      // Before the fix, the Promise was passed directly to JSON.parse(),
+      // which stringified it to "[object Promise]" and threw SyntaxError.
+      mockVerifyChainJson.mockResolvedValue(
+        JSON.stringify({
+          status: { type: 'Valid' },
+          chain: [{ issuer: 'did:keri:a', subject: 'did:key:b', valid: true }],
+          warnings: [],
+        }),
+      );
+
+      const report = await verifyChain([{ test: true }], 'aabbccdd');
+      expect(report.status.type).toBe('Valid');
+      expect(report.chain).toHaveLength(1);
+    });
+
+    it('verifyAttestation awaits a Promise-returning verifyAttestationWithResult', async () => {
+      mockVerifyAttestationWithResult.mockResolvedValue(
+        JSON.stringify({ valid: true }),
+      );
+
+      const result = await verifyAttestation('{"test":true}', 'aabbccdd');
+      expect(result.valid).toBe(true);
+    });
+
+    it('verifyChain does not produce BrokenChain from un-awaited Promise', async () => {
+      // The specific symptom: JSON.parse(Promise) throws, catch block returns
+      // { status: { type: 'BrokenChain' } }. If this test gets BrokenChain
+      // with a valid mock, the await is missing.
+      mockVerifyChainJson.mockResolvedValue(
+        JSON.stringify({
+          status: { type: 'Valid' },
+          chain: [],
+          warnings: [],
+        }),
+      );
+
+      const report = await verifyChain([], 'aabb');
+      expect(report.status.type).not.toBe('BrokenChain');
+      expect(report.status.type).toBe('Valid');
+    });
+
+    it('verifyChain still handles sync return values', async () => {
+      // If WASM functions return a plain string (not a Promise),
+      // await on a non-thenable just passes it through.
+      mockVerifyChainJson.mockReturnValue(
+        JSON.stringify({
+          status: { type: 'Valid' },
+          chain: [],
+          warnings: [],
+        }),
+      );
+
+      const report = await verifyChain([], 'aabb');
+      expect(report.status.type).toBe('Valid');
+    });
+
+    it('verifyAttestation still handles sync return values', async () => {
+      mockVerifyAttestationWithResult.mockReturnValue(
+        JSON.stringify({ valid: true }),
+      );
+
+      const result = await verifyAttestation('{"test":true}', 'aabb');
+      expect(result.valid).toBe(true);
+    });
+  });
+});