delegation offer over didcomm #537
Merged
maycon-mello merged 11 commits intoJun 3, 2026
Merged
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
Adds a DIDComm-based delegation offer flow to the core SDK: an issuer can mint an OOB invitation URL pointing to a stored DelegationOffer, a holder can scan/decode it and emit a delegationOfferReceived event, request the credential, and the issuer then issues a delegated credential back over DIDComm. Also adds a delegateCredential helper that derives delegator key material from the wallet, renames the internal getAll DID helper to the exported getAllDIDs, and introduces a createFullWalletClient() test helper plus a two-wallet integration test exercising the full exchange.
Changes:
- New
delegation-offer.tsmodule with OOB encode/decode, two message handlers, and a dispatch entry point. - New
delegateCredentialindelegation-issuance.tsand supportinggetAllDIDs/getDIDKeyPairexports indid-provider.ts. - New isolated-wallet helper and integration test covering issuer ↔ holder delegation offer exchange.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 10 comments.
Show a summary per file
| File | Description |
|---|---|
| packages/core/src/did-provider.ts | Renames internal getAll to exported getAllDIDs, adds getDIDKeyPair, updates internal callers; public didProvider.getAll() API unchanged. |
| packages/core/src/delegation/delegation-issuance.ts | Adds delegateCredential that picks a wallet DID/keypair and re-issues a delegated credential preserving root id. |
| packages/core/src/delegation/delegation-offer.ts | New module: OOB invitation build/decode, handlers for invitation and credential-request, dispatcher, and acceptDelegationOffer. |
| integration-tests/helpers/wallet-helpers.ts | Adds createFullWalletClient() that builds an in-memory wallet with its own DID/credential/message providers. |
| integration-tests/delegation-offer.test.ts | Two-wallet end-to-end test for the delegation offer flow (invite → request → issuance). |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
The EDV server returns HTTP 404 on /query for vaults with no indices yet (e.g. fresh vaults from wrong biometric credentials). ky now surfaces this as 'Request failed with status code 404 Not Found' rather than the legacy 'Not Found' message the universal-wallet catch handles, so biometric authentication failures were leaking raw HTTP errors instead of the domain-level 'Invalid identifier' error.
mike-parkhill
approved these changes
Jun 3, 2026
maycon-mello
deleted the
DCKA-5127-delegation-of-credential-using-the-wallet
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.