diff --git a/packages/issuer-sdk-js/src/create-issuer-config.test.ts b/packages/issuer-sdk-js/src/create-issuer-config.test.ts index 774be2fa0..60ca1c86f 100644 --- a/packages/issuer-sdk-js/src/create-issuer-config.test.ts +++ b/packages/issuer-sdk-js/src/create-issuer-config.test.ts @@ -39,12 +39,10 @@ describe("createIssuerConfig", () => { it("should correctly initialize and return config", async () => { const signingKeyPair = nacl.sign.keyPair(); - const encryptionKeyPair = nacl.box.keyPair(); const params = { nodeUrl: "http://mock-node-url", signingKeyPair, - encryptionKeyPair, }; const result = await createIssuerConfig(params); @@ -69,7 +67,6 @@ describe("createIssuerConfig", () => { dbid: "mock-dbid", kwilClient: expect.any(Object), kwilSigner: expect.any(KwilSigner), - encryptionKeyPair: expect.any(Object), signingKeyPair: expect.any(Object), }); }); diff --git a/packages/issuer-sdk-js/src/create-issuer-config.ts b/packages/issuer-sdk-js/src/create-issuer-config.ts index 1fd2f41e8..327db0264 100644 --- a/packages/issuer-sdk-js/src/create-issuer-config.ts +++ b/packages/issuer-sdk-js/src/create-issuer-config.ts @@ -49,7 +49,6 @@ export interface IssuerConfig { kwilClient: NodeKwil; kwilSigner: KwilSigner; signingKeyPair: nacl.SignKeyPair; - encryptionKeyPair: nacl.SignKeyPair; } type CreateIssuerConfigParams = { @@ -57,7 +56,6 @@ type CreateIssuerConfigParams = { dbId?: string; nodeUrl: string; signingKeyPair: nacl.SignKeyPair; - encryptionKeyPair: nacl.BoxKeyPair; }; export async function createIssuerConfig(params: CreateIssuerConfigParams): Promise<IssuerConfig> { @@ -83,6 +81,5 @@ export async function createIssuerConfig(params: CreateIssuerConfigParams): Prom }), kwilSigner: createKwilSigner(params.signingKeyPair), signingKeyPair: params.signingKeyPair, - encryptionKeyPair: params.encryptionKeyPair, }; } diff --git a/packages/issuer-sdk-js/src/credentials.ts b/packages/issuer-sdk-js/src/credentials.ts index aab558814..a0be5c301 100644 --- a/packages/issuer-sdk-js/src/credentials.ts +++ b/packages/issuer-sdk-js/src/credentials.ts @@ -44,12 +44,9 @@ const buildInsertableIDOSCredential = ( receiverEncryptionPublicKey: Uint8Array; }, ): InsertableIDOSCredential => { + const ephemeralKeyPair = nacl.box.keyPair(); const content = Base64Codec.decode( - encryptContent( - plaintextContent, - receiverEncryptionPublicKey, - issuerConfig.encryptionKeyPair.secretKey, - ), + encryptContent(plaintextContent, receiverEncryptionPublicKey, ephemeralKeyPair.secretKey), ); const { public_notes, public_notes_signature } = buildUpdateablePublicNotes(issuerConfig, { @@ -71,7 +68,7 @@ const buildInsertableIDOSCredential = ( ), issuer_auth_public_key: HexCodec.encode(issuerConfig.signingKeyPair.publicKey, true), - encryption_public_key: Base64Codec.encode(issuerConfig.encryptionKeyPair.publicKey), + encryption_public_key: Base64Codec.encode(ephemeralKeyPair.publicKey), }; };