did-key.js icon indicating copy to clipboard operation
did-key.js copied to clipboard

Published 20 hours ago verified publisher icon transmute-industries

Generating a did:key secp256k1 from private key

Open lemoustachiste opened this issue 11 months ago • 2 comments

So I may be confused as to what the seed is, as from the bitcoin perspective the seed is the passphrase to get to the private key, but given I already have a private key, can I generate a did:key from it? In that case what would be the expected syntax?

Thanks

lemoustachiste avatar Sep 06 '23 12:09 lemoustachiste

This may help: https://w3c-ccg.github.io/did-method-key/

phoniks avatar Sep 06 '23 13:09 phoniks

Ok so this is not the first time I'm using did:key and while I appreciate you sending to the spec which I should probably refresh my mind on, my question is really related to the @transmute/did-key-secp256k1 package.

Here is what I have done before, when I created a key pair and the did:key representation of that key pair:

if (type === SupportedSuites.secp256k1) {
    const seed = crypto.randomBytes(32);
    keyPair = await EcdsaSecp256k1VerificationKey2019.generate({
      seed
    })
    didKey = await didKeySecp256k1.generate({
      secureRandom: () => seed
    });
    didDocument = didKey.didDocument;
    keyPair.controller = didDocument.id;
    keyPair.id = didDocument.verificationMethod[0].id;
  }

However now, since I already have the private key (and no seed), what would the API of the package expect to create a did document with the public representation derived from that private key?

I have a PEM format key generated as follows:

openssl ecparam -name secp256k1 -genkey -noout -out priv_k.pem

That's the one variable I cannot change because that's the way the private is handed to me.

Using keyto, I'm able to convert that key to JWK (private and public). I can confirm using JOSE that the public derived is the same with openssl or with JS, so I expect that the format is valid.

Then I am trying to convert the JWK to https://github.com/transmute-industries/verifiable-data/blob/main/packages/secp256k1-key-pair/src/getPublicKeyFromPublicKeyJwk.ts#L3, not entirely sure what format I should get from that, but basically trying to get back to a base58 format, sort of trying to replicate this behavior: https://github.com/transmute-industries/verifiable-data/blob/main/packages/secp256k1-key-pair/src/Secp256k1KeyPair.ts#L55-L57

However getPublicKeyFromPublicKeyJwk throws an error from secp256k1 level:

Public Key could not be parsed

Due to this condition not passing: https://github.com/cryptocoinjs/secp256k1-node/blob/master/lib/elliptic.js#L39. So I assume something somewhere is not the right math, but I'm not a cryptographer myself.

My ultimate goal is to get the PEM key represented as a did:key:secp256k1 format so that I can reference that public key in the proof.verificationMethod of my VC.

Hence my initial question, can I generate a did:key directly from the private key JWK, and if so how can I do it?

lemoustachiste avatar Sep 07 '23 14:09 lemoustachiste