npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

openclaw-identity-trust

v1.0.0

Published

Decentralized Identity (DID) and Verifiable Credentials management for AI Agents

Downloads

108

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

zhenstaffzhenstaff

Keywords

diddecentralized-identityverifiable-credentialsw3cidentitytrustai-agentopenclawblockchaincryptography

Readme

OpenClaw Identity Trust

Decentralized Identity (DID) and Verifiable Credentials management system for AI Agents.

Built on W3C DID Core and W3C Verifiable Credentials standards, providing secure identity verification and trust management for autonomous agents.

Features

  • DID Management - Create and resolve Decentralized Identifiers
    • did:key - Self-contained, no registry needed
    • did:web - Web-hosted DIDs
    • did:ethr - Ethereum-based DIDs
  • Verifiable Credentials - Issue and verify W3C-compliant credentials
  • Cryptographic Security - Ed25519 and secp256k1 signatures
  • Local Storage - Secure storage at ~/.openclaw/identity/
  • Trust Evaluation - Policy-based trust scoring for agents
  • CLI & Programmatic - Use as command-line tool or Node.js library

Installation

From npm

npm install -g openclaw-identity-trust

From source

git clone https://github.com/ZhenRobotics/openclaw-identity-trust.git
cd openclaw-identity-trust
npm install
npm run build

Quick Start

1. Create a DID

# Create a did:key (recommended for agents)
identity-trust did create

# Create a did:web
identity-trust did create --method web --domain example.com

# Output:
# DID: did:key:z6MkfzZZD5gxQ...
# DID Document: {...}

2. Issue a Verifiable Credential

# Create issuer and subject DIDs first
identity-trust did create  # Save as issuer
identity-trust did create  # Save as subject

# Issue credential
identity-trust vc issue \
  --issuer did:key:z6Mkf... \
  --subject did:key:z6Mkp... \
  --claims '{"role":"developer","level":"senior"}'

3. Verify a Credential

# Verify by ID
identity-trust vc verify <credential-id>

# Verify JSON string
identity-trust vc verify '{"@context": [...], ...}'

4. List Identities

# List all DIDs
identity-trust did list

# List all credentials
identity-trust vc list

# List credentials for specific DID
identity-trust vc list --subject did:key:z6Mkf...

CLI Reference

DID Commands

| Command | Description | |---------|-------------| | did create [options] | Create a new DID | | did resolve <did> | Resolve a DID to its document | | did list | List all stored DIDs |

Options for did create:

  • -m, --method <method> - DID method: key, web, ethr (default: key)
  • -k, --key-type <type> - Key type: Ed25519, secp256k1 (default: Ed25519)
  • -d, --domain <domain> - Domain for did:web
  • -a, --address <address> - Ethereum address for did:ethr
  • --no-save - Don't save to local storage

Verifiable Credential Commands

| Command | Description | |---------|-------------| | vc issue [options] | Issue a verifiable credential | | vc verify <credential> | Verify a credential | | vc list [options] | List stored credentials |

Options for vc issue:

  • -i, --issuer <did> - Issuer DID (required)
  • -s, --subject <did> - Subject DID (required)
  • -c, --claims <json> - Claims as JSON string (required)
  • -t, --type <type> - Credential type (default: VerifiableCredential)
  • -e, --expiration <days> - Expiration in days

Options for vc verify:

  • --no-expiration - Skip expiration check

Options for vc list:

  • -s, --subject <did> - Filter by subject DID

Utility Commands

| Command | Description | |---------|-------------| | export | Export all data as JSON | | info | Show system information |

Programmatic Usage

TypeScript/JavaScript

import {
  generateDID,
  issueCredential,
  verifyCredential,
  LocalStorage
} from 'openclaw-identity-trust';

// Initialize storage
const storage = new LocalStorage();
await storage.initialize();

// Create a DID
const { did, document, keyPair } = await generateDID('key', {
  keyType: 'Ed25519'
});

// Issue a credential
const credential = await issueCredential({
  issuerDid: 'did:key:z6Mkf...',
  issuerKeyPair: keyPair,
  subjectDid: 'did:key:z6Mkp...',
  claims: { role: 'developer', level: 'senior' },
  expirationDate: new Date(Date.now() + 30 * 24 * 60 * 60 * 1000) // 30 days
});

// Verify a credential
const result = await verifyCredential(credential, {
  checkExpiration: true,
  localStore: storage.getDIDStore()
});

console.log('Verified:', result.verified);
console.log('Checks:', result.checks);

OpenClaw Agent Integration

Using Agent Tools

import tools from 'openclaw-identity-trust/agents/tools';

// Initialize
await tools.initialize();

// Create DID for agent
const { did, document } = await tools.did_create({
  method: 'key',
  keyType: 'Ed25519',
  save: true
});

// Issue capability credential
const credential = await tools.vc_issue({
  issuerDid: 'did:key:issuer...',
  subjectDid: did,
  claims: { capabilities: ['read', 'write', 'execute'] },
  expirationDays: 90
});

// Evaluate trust
const trustResult = await tools.trust_evaluate(did, {
  minimumTrustLevel: 50,
  requiredCredentials: ['CapabilityCredential'],
  trustedIssuers: ['did:key:trusted...']
});

console.log('Trust Level:', trustResult.trustLevel);
console.log('Passed:', trustResult.passed);

Use Cases

1. AI Agent Identity

Create persistent identities for AI agents:

# Create agent identity
identity-trust did create --method key

# Issue agent capabilities
identity-trust vc issue \
  --issuer did:key:authority... \
  --subject did:key:agent... \
  --claims '{"agent":"GPT-Agent-001","capabilities":["api_access","data_read"]}'

2. Service Authentication

Authenticate agents accessing services:

// Agent presents credential
const credential = await storage.getCredential(credentialId);

// Service verifies credential
const result = await verifyCredential(credential);

if (result.verified) {
  // Grant access
  console.log('Access granted');
} else {
  console.log('Access denied:', result.error);
}

3. Trust Networks

Build trust relationships between agents:

// Evaluate agent trust
const trust = await tools.trust_evaluate(agentDid, {
  minimumTrustLevel: 60,
  requiredCredentials: ['IdentityCredential', 'CapabilityCredential'],
  trustedIssuers: [authorityDid],
  allowExpired: false
});

if (trust.passed) {
  // Agent is trusted
  console.log(`Trust level: ${trust.trustLevel}%`);
}

Architecture

┌─────────────────────────────────────────┐
│         OpenClaw Identity Trust         │
├─────────────────────────────────────────┤
│                                         │
│  ┌─────────────┐    ┌──────────────┐  │
│  │   DID Core  │    │  VC Issuer   │  │
│  │  Generator  │───→│  & Verifier  │  │
│  │  Resolver   │    │              │  │
│  └─────────────┘    └──────────────┘  │
│         │                   │          │
│         └───────┬───────────┘          │
│                 ↓                      │
│        ┌────────────────┐              │
│        │  Cryptography  │              │
│        │  Ed25519/secp  │              │
│        └────────────────┘              │
│                 │                      │
│                 ↓                      │
│        ┌────────────────┐              │
│        │ Local Storage  │              │
│        │ ~/.openclaw/   │              │
│        └────────────────┘              │
│                                         │
├─────────────────────────────────────────┤
│         Standards Compliance            │
│  • W3C DID Core 1.0                    │
│  • W3C Verifiable Credentials 1.1      │
│  • Ed25519 Signature 2020              │
│  • Multibase Encoding                  │
└─────────────────────────────────────────┘

Standards

This implementation follows:

Security

  • Ed25519 - Modern elliptic curve signatures (default)
  • secp256k1 - Ethereum-compatible signatures
  • Local key storage - Private keys stored locally at ~/.openclaw/identity/
  • No external dependencies - Cryptography handled by @noble libraries

Security Best Practices

  1. Key Protection - Never share private keys
  2. Expiration - Always set expiration dates on credentials
  3. Verification - Always verify credentials before trusting
  4. Trust Policies - Define clear trust policies for your use case

API Reference

Types

// DID Methods
type DIDMethod = 'key' | 'web' | 'ethr';

// Key Types
type KeyType = 'Ed25519' | 'secp256k1';

// DID Document
interface DIDDocument {
  '@context': string | string[];
  id: string;
  verificationMethod?: VerificationMethod[];
  authentication?: (string | VerificationMethod)[];
  assertionMethod?: (string | VerificationMethod)[];
  // ... more fields
}

// Verifiable Credential
interface VerifiableCredential {
  '@context': string | string[];
  id?: string;
  type: string | string[];
  issuer: string | Issuer;
  issuanceDate: string;
  expirationDate?: string;
  credentialSubject: CredentialSubject;
  proof: Proof;
}

See src/types.ts for complete type definitions.

Examples

See the examples/ directory for:

  • Basic DID creation
  • Credential issuance workflow
  • Verification examples
  • Agent integration patterns
  • Trust network setup

Development

# Install dependencies
npm install

# Build
npm run build

# Run CLI in development
npm run dev -- did create

# Run tests
npm test

# Lint
npm run lint

Contributing

Contributions welcome! Please:

  1. Fork the repository
  2. Create a feature branch
  3. Make your changes
  4. Submit a pull request

License

MIT License - see LICENSE file for details.

Links

  • GitHub: https://github.com/ZhenRobotics/openclaw-identity-trust
  • npm: https://www.npmjs.com/package/openclaw-identity-trust
  • ClawHub: https://clawhub.ai/ZhenStaff/identity-trust

Support

  • Issues: https://github.com/ZhenRobotics/openclaw-identity-trust/issues
  • Discussions: https://github.com/ZhenRobotics/openclaw-identity-trust/discussions

Built with ❤️ for the OpenClaw ecosystem