All notable changes to signet-core are documented in this file.
The format is loosely based on Keep a Changelog, and this project adheres to Semantic Versioning.
- New
SelectiveDisclosure.deriveProof(...)— holder-side step that strips the issuer HMAC key from the presented proof and emits a derived proof (CBOR tag0xd9 0x5d 0x01) carryingbaseSignature,publicKey, per-quad signatures, ac14n → HMAClabelMap, andmandatoryIndexes. - New
SelectiveDisclosure.verifyDerivedProof(...)— verifier-side reconstruction of the signed canonical form vialabelMap; no HMAC key required. - Base proof CBOR header corrected to
0xd9 0x5d 0x00andproofValuemultibase prefix corrected tou(base64url-no-pad) per W3C VC-DI-ECDSA §3.5.2 / §3.5.3.eddsa-rdfc-2022andecdsa-rdfc-2022retainz(base58btc).
- ECDSA P-256 signatures are now normalized to low-S on sign and
rejected as malformed on verify, closing a signature-malleability path
where
(r, s)and(r, n − s)both verified for the same message. AffectssignEcdsaP256RawandSelectiveDisclosure.signEcdsaP256. - Defensive key material zeroization: Ed25519 seed bytes, P-256
private keys, and the
ecdsa-sd-2023HMAC-SHA256 key are now wiped viatry-finallyafter use, reducing exposure in heap dumps, core dumps, and swap.
JsonLdProcessorapplies Unicode NFC at the ingress boundary to string literals and map keys, so composed/decomposed forms canonicalize identically. Numeric type handling widened toShort,Byte,Float,BigDecimal,BigInteger; unknown types now fail loudly.- Added W3C
rdf-canonconformance tests (vectors 001–006, 017, 020, 021, 043, 053, 054, 076) covering blank-node relabeling, graph isomorphism, RDF collections, and language-tagged literals.
- Added GitHub Actions workflow (
.github/workflows/ci.yml) running./gradlew buildon every push and pull request with Temurin JDK 17, Gradle wrapper caching, and a concurrency group that cancels superseded runs on the same ref.