feat!: awake (#66)

package.json

@@ -17,8 +17,8 @@
  "lint-staged": "^13.0.3",
  "prettier": "2.7.1",
  "simple-git-hooks": "^2.8.0",
- "wrangler": "^2.0.28",
- "typescript": "^4.8.3"
+ "typescript": "^4.8.3",
+ "wrangler": "^2.1.6"
  },
  "simple-git-hooks": {
  "pre-commit": "npx lint-staged"

packages/access-api/package.json

@@ -16,17 +16,17 @@
  "author": "Hugo Dias <hugomrdias@gmail.com> (hugodias.me)",
  "license": "(Apache-2.0 OR MIT)",
  "dependencies": {
- "@ipld/dag-ucan": "1.7.0-beta",
- "@ucanto/authority": "^0.5.0",
- "@ucanto/client": "^0.6.0",
- "@ucanto/core": "^0.6.0",
- "@ucanto/interface": "^0.7.0",
- "@ucanto/server": "^0.7.0",
- "@ucanto/transport": "^0.7.0",
- "@ucanto/validator": "^0.6.0",
+ "@ipld/dag-ucan": "3.0.0-beta",
+ "@ucanto/client": "^1.0.1",
+ "@ucanto/core": "^1.0.1",
+ "@ucanto/interface": "^1.0.0",
+ "@ucanto/principal": "^1.0.1",
+ "@ucanto/server": "^1.0.2",
+ "@ucanto/transport": "^1.0.1",
+ "@ucanto/validator": "^1.0.1",
  "@web3-storage/access": "workspace:^",
  "@web3-storage/worker-utils": "0.4.3-dev",
- "multiformats": "^9.6.5",
+ "multiformats": "^9.8.1",
  "nanoid": "^4.0.0",
  "toucan-js": "^2.6.0"
  },
@@ -36,22 +36,22 @@
  "@sentry/webpack-plugin": "^1.16.0",
  "@types/assert": "^1.5.6",
  "@types/git-rev-sync": "^2.0.0",
- "@types/node": "^18.7.14",
+ "@types/node": "^18.7.18",
  "assert": "^2.0.0",
  "ava": "^4.3.3",
  "buffer": "^6.0.3",
  "delay": "^5.0.0",
  "dotenv": "^16.0.2",
- "esbuild": "^0.15.6",
+ "esbuild": "^0.15.8",
  "execa": "^6.1.0",
  "git-rev-sync": "^3.0.1",
  "hd-scripts": "^2.1.0",
- "miniflare": "^2.7.1",
+ "miniflare": "^2.9.0",
  "process": "^0.11.10",
  "readable-stream": "^4.1.0",
  "sade": "^1.7.4",
- "typescript": "4.8.2",
- "wrangler": "^2.0.28"
+ "typescript": "4.8.3",
+ "wrangler": "^2.1.6"
  },
  "eslintConfig": {
  "extends": [

packages/access-api/src/kvs/accounts.js

@@ -18,7 +18,7 @@ export class Accounts {
  *
  * @param {string} issuerDID
  * @param {string} resourceDID
- * @param {import('@ucanto/interface').LinkedProof} proof
+ * @param {import('@ucanto/interface').Link} proof
  */
  async register(issuerDID, resourceDID, proof) {
  const did = await this.get(issuerDID)

packages/access-api/src/service/identity-validate.js

@@ -1,5 +1,6 @@
 import { UCAN } from '@ucanto/core'
 import * as Server from '@ucanto/server'
+import { Principal } from '@ucanto/principal'
 import {
  identityRegister,
  identityValidate,
@@ -14,7 +15,7 @@ export function identityValidateProvider(ctx) {
  async ({ capability, context, invocation }) => {
  const delegation = await identityRegister
  .invoke({
- audience: invocation.issuer,
+ audience: Principal.parse(invocation.issuer.did()),
  issuer: ctx.keypair,
  with: capability.caveats.as,
  caveats: {

packages/access-api/src/ucanto/server-codec.js

@@ -108,7 +108,7 @@ export const serverCodec = {
  if (missing.length > 0) {
  throw new HTTPError('Missing Proofs', {
  status: 510,
- // @ts-ignore - cause type is a mess
+ // @ts-ignore - Error.cause type is a mess
  cause: { prf: missing },
  })
  }

packages/access-api/src/utils/context.js

@@ -1,4 +1,4 @@
-import { SigningAuthority } from '@ucanto/authority'
+import { SigningPrincipal } from '@ucanto/principal'
 import { Logging } from '@web3-storage/worker-utils/logging'
 import Toucan from 'toucan-js'
 import pkg from '../../package.json'
@@ -49,7 +49,7 @@ export function getContext(event, params) {
  }
  )
 
- const keypair = SigningAuthority.parse(config.PRIVATE_KEY)
+ const keypair = SigningPrincipal.parse(config.PRIVATE_KEY)
  const url = new URL(event.request.url)
  return {
  params,

packages/access-api/test/helpers/setup.js

@@ -1,5 +1,5 @@
 import * as UCAN from '@ipld/dag-ucan'
-import { SigningAuthority } from '@ucanto/authority'
+import { SigningPrincipal } from '@ucanto/principal'
 import anyTest from 'ava'
 import { Delegation } from '@ucanto/core'
 import { connection as w3connection } from '@web3-storage/access/connection'
@@ -54,10 +54,10 @@ export function createAnalyticsEngine() {
  }
 }
 
-export const serviceAuthority = SigningAuthority.parse(bindings.PRIVATE_KEY)
+export const serviceAuthority = SigningPrincipal.parse(bindings.PRIVATE_KEY)
 
 /**
- * @param {UCAN.UCAN<UCAN.Capability<UCAN.Ability, `${string}:${string}`>>} ucan
+ * @param {UCAN.UCAN<[UCAN.Capability<UCAN.Ability, `${string}:${string}`>]>} ucan
  */
 export async function send(ucan) {
  return mf.dispatchFetch('http://localhost:8787', {
@@ -69,7 +69,7 @@ export async function send(ucan) {
 }
 
 /**
- * @param {import("@ucanto/interface").SigningAuthority<237> } id
+ * @param {import("@ucanto/interface").SigningPrincipal<237> } id
  */
 export function connection(id) {
  return w3connection({
@@ -81,7 +81,7 @@ export function connection(id) {
 
 /**
  * @param {import("@ucanto/interface").ConnectionView<import('@web3-storage/access/src/types').Service>} con
- * @param {import("@ucanto/interface").SigningAuthority<237>} kp
+ * @param {import("@ucanto/interface").SigningPrincipal<237>} kp
  * @param {string} email
  */
 export async function validateEmail(con, kp, email) {
@@ -111,7 +111,7 @@ export async function validateEmail(con, kp, email) {
 
 /**
  * @param {import("@ucanto/interface").ConnectionView<import('@web3-storage/access/src/types').Service>} con
- * @param {import("@ucanto/interface").SigningAuthority<237>} kp
+ * @param {import("@ucanto/interface").SigningPrincipal<237>} kp
  * @param {import("@ucanto/interface").Proof<[UCAN.Capability<UCAN.Ability, `${string}:${string}`>, ...UCAN.Capability<UCAN.Ability, `${string}:${string}`>[]]>} proof
  */
 export async function register(con, kp, proof) {

packages/access-api/test/identity-register.test.js

@@ -1,5 +1,5 @@
 import * as UCAN from '@ipld/dag-ucan'
-import { SigningAuthority } from '@ucanto/authority'
+import { SigningPrincipal } from '@ucanto/principal'
 import { Delegation } from '@ucanto/core'
 import { Accounts } from '../src/kvs/accounts.js'
 import * as caps from '@web3-storage/access/capabilities'
@@ -12,7 +12,7 @@ test.before((t) => {
 })
 
 test('register', async (t) => {
- const kp = await SigningAuthority.generate()
+ const kp = await SigningPrincipal.generate()
  const con = connection(kp)
 
  const validate = caps.identityValidate.invoke({
@@ -61,7 +61,7 @@ test('register', async (t) => {
 })
 
 test('identify', async (t) => {
- const kp = await SigningAuthority.generate()
+ const kp = await SigningPrincipal.generate()
  const con = connection(kp)
 
  const validate = caps.identityValidate.invoke({
@@ -77,12 +77,11 @@ test('identify', async (t) => {
  if (out?.error || !out) {
  return
  }
- /** @type {Types.UCAN.JWT<import('@web3-storage/access/types').IdentityRegister>} */
+ /** @type {Types.UCAN.JWT<[import('@web3-storage/access/types').IdentityRegister]>} */
  // @ts-ignore
  const jwt = out.delegation.replace('http://localhost:8787/validate?ucan=', '')
  const ucan = UCAN.parse(jwt)
  const root = await UCAN.write(ucan)
- /** @type {Types.Delegation<[import('@web3-storage/access/types').IdentityRegister]>} */
  const proof = Delegation.create({ root })
 
  const register = caps.identityRegister.invoke({

packages/access-api/test/identity-validate.test.js

@@ -6,15 +6,15 @@ import {
  connection,
 } from './helpers/setup.js'
 import * as UCAN from '@ipld/dag-ucan'
-import { SigningAuthority } from '@ucanto/authority'
+import { SigningPrincipal } from '@ucanto/principal'
 import * as caps from '@web3-storage/access/capabilities'
 
 test.before((t) => {
  t.context = { mf }
 })
 
 test.skip('should route to validate without ucanto client', async (t) => {
- const kp = await SigningAuthority.generate()
+ const kp = await SigningPrincipal.generate()
 
  const ucan = await UCAN.issue({
  issuer: kp,
@@ -32,7 +32,7 @@ test.skip('should route to validate without ucanto client', async (t) => {
 })
 
 test.skip('should fail with bad scheme', async (t) => {
- const kp = await SigningAuthority.generate()
+ const kp = await SigningPrincipal.generate()
  const ucan = await UCAN.issue({
  issuer: kp,
  audience: serviceAuthority,
@@ -59,7 +59,7 @@ test.skip('should fail with bad scheme', async (t) => {
 })
 
 test('should route correctly to identity/validate', async (t) => {
- const kp = await SigningAuthority.generate()
+ const kp = await SigningPrincipal.generate()
  const con = connection(kp)
 
  const validate = caps.identityValidate.invoke({

packages/access-api/test/ucan.test.js

@@ -1,6 +1,6 @@
 import { mf, serviceAuthority, test } from './helpers/setup.js'
 import * as UCAN from '@ipld/dag-ucan'
-import { SigningAuthority } from '@ucanto/authority'
+import { SigningPrincipal } from '@ucanto/principal'
 
 test.before((t) => {
  t.context = { mf }
@@ -45,11 +45,12 @@ test('should fail with bad ucan', async (t) => {
 test('should fail with 0 caps', async (t) => {
  const { mf } = t.context
 
- const kp = await SigningAuthority.generate()
+ const kp = await SigningPrincipal.generate()
 
  const ucan = await UCAN.issue({
  issuer: kp,
  audience: serviceAuthority,
+ // @ts-ignore
  capabilities: [],
  })
  const res = await mf.dispatchFetch('http://localhost:8787/raw', {
@@ -72,11 +73,12 @@ test('should fail with 0 caps', async (t) => {
 test('should fail with bad service audience', async (t) => {
  const { mf } = t.context
 
- const kp = await SigningAuthority.generate()
- const audience = await SigningAuthority.generate()
+ const kp = await SigningPrincipal.generate()
+ const audience = await SigningPrincipal.generate()
  const ucan = await UCAN.issue({
  issuer: kp,
  audience,
+ // @ts-ignore
  capabilities: [],
  })
  const res = await mf.dispatchFetch('http://localhost:8787/raw', {
@@ -102,7 +104,7 @@ test('should fail with bad service audience', async (t) => {
 test('should fail with with more than 1 cap', async (t) => {
  const { mf } = t.context
 
- const kp = await SigningAuthority.generate()
+ const kp = await SigningPrincipal.generate()
  const ucan = await UCAN.issue({
  issuer: kp,
  audience: serviceAuthority,
@@ -134,7 +136,7 @@ test('should fail with with more than 1 cap', async (t) => {
 test('should route to handler', async (t) => {
  const { mf } = t.context
 
- const kp = await SigningAuthority.generate()
+ const kp = await SigningPrincipal.generate()
  const ucan = await UCAN.issue({
  issuer: kp,
  audience: serviceAuthority,
@@ -153,7 +155,7 @@ test('should route to handler', async (t) => {
 test('should handle exception in route handler', async (t) => {
  const { mf } = t.context
 
- const kp = await SigningAuthority.generate()
+ const kp = await SigningPrincipal.generate()
  const ucan = await UCAN.issue({
  issuer: kp,
  audience: serviceAuthority,
@@ -175,8 +177,8 @@ test('should handle exception in route handler', async (t) => {
 test('should fail with missing proofs', async (t) => {
  const { mf } = t.context
 
- const alice = await SigningAuthority.generate()
- const bob = await SigningAuthority.generate()
+ const alice = await SigningPrincipal.generate()
+ const bob = await SigningPrincipal.generate()
  const proof1 = await UCAN.issue({
  issuer: alice,
  audience: bob,
@@ -218,8 +220,8 @@ test('should fail with missing proofs', async (t) => {
 test('should multiple invocation should pass', async (t) => {
  const { mf } = t.context
 
- const alice = await SigningAuthority.generate()
- const bob = await SigningAuthority.generate()
+ const alice = await SigningPrincipal.generate()
+ const bob = await SigningPrincipal.generate()
  const proof1 = await UCAN.issue({
  issuer: alice,
  audience: bob,