Home / Input Output / atala-prism-wallet-sdk-ts
Insights Pull Requests
Apr 12, 11-12 AM (0)
Apr 13, 12-1 AM (0)
Apr 13, 1-2 AM (0)
Apr 13, 2-3 AM (0)
Apr 13, 3-4 AM (0)
Apr 13, 4-5 AM (0)
Apr 13, 5-6 AM (0)
Apr 13, 6-7 AM (0)
Apr 13, 7-8 AM (0)
Apr 13, 8-9 AM (0)
Apr 13, 9-10 AM (0)
Apr 13, 10-11 AM (0)
Apr 13, 11-12 PM (0)
Apr 13, 12-1 PM (0)
Apr 13, 1-2 PM (0)
Apr 13, 2-3 PM (0)
Apr 13, 3-4 PM (3)
Apr 13, 4-5 PM (1)
Apr 13, 5-6 PM (0)
Apr 13, 6-7 PM (0)
Apr 13, 7-8 PM (0)
Apr 13, 8-9 PM (0)
Apr 13, 9-10 PM (0)
Apr 13, 10-11 PM (0)
Apr 13, 11-12 AM (0)
Apr 14, 12-1 AM (0)
Apr 14, 1-2 AM (0)
Apr 14, 2-3 AM (0)
Apr 14, 3-4 AM (0)
Apr 14, 4-5 AM (0)
Apr 14, 5-6 AM (1)
Apr 14, 6-7 AM (0)
Apr 14, 7-8 AM (8)
Apr 14, 8-9 AM (5)
Apr 14, 9-10 AM (2)
Apr 14, 10-11 AM (4)
Apr 14, 11-12 PM (6)
Apr 14, 12-1 PM (2)
Apr 14, 1-2 PM (9)
Apr 14, 2-3 PM (1)
Apr 14, 3-4 PM (0)
Apr 14, 4-5 PM (0)
Apr 14, 5-6 PM (0)
Apr 14, 6-7 PM (0)
Apr 14, 7-8 PM (0)
Apr 14, 8-9 PM (0)
Apr 14, 9-10 PM (0)
Apr 14, 10-11 PM (0)
Apr 14, 11-12 AM (0)
Apr 15, 12-1 AM (0)
Apr 15, 1-2 AM (0)
Apr 15, 2-3 AM (0)
Apr 15, 3-4 AM (0)
Apr 15, 4-5 AM (0)
Apr 15, 5-6 AM (0)
Apr 15, 6-7 AM (0)
Apr 15, 7-8 AM (0)
Apr 15, 8-9 AM (0)
Apr 15, 9-10 AM (2)
Apr 15, 10-11 AM (0)
Apr 15, 11-12 PM (0)
Apr 15, 12-1 PM (0)
Apr 15, 1-2 PM (0)
Apr 15, 2-3 PM (0)
Apr 15, 3-4 PM (0)
Apr 15, 4-5 PM (0)
Apr 15, 5-6 PM (0)
Apr 15, 6-7 PM (0)
Apr 15, 7-8 PM (0)
Apr 15, 8-9 PM (0)
Apr 15, 9-10 PM (0)
Apr 15, 10-11 PM (0)
Apr 15, 11-12 AM (0)
Apr 16, 12-1 AM (0)
Apr 16, 1-2 AM (0)
Apr 16, 2-3 AM (0)
Apr 16, 3-4 AM (0)
Apr 16, 4-5 AM (0)
Apr 16, 5-6 AM (0)
Apr 16, 6-7 AM (0)
Apr 16, 7-8 AM (0)
Apr 16, 8-9 AM (0)
Apr 16, 9-10 AM (1)
Apr 16, 10-11 AM (1)
Apr 16, 11-12 PM (11)
Apr 16, 12-1 PM (1)
Apr 16, 1-2 PM (0)
Apr 16, 2-3 PM (0)
Apr 16, 3-4 PM (0)
Apr 16, 4-5 PM (0)
Apr 16, 5-6 PM (0)
Apr 16, 6-7 PM (0)
Apr 16, 7-8 PM (0)
Apr 16, 8-9 PM (0)
Apr 16, 9-10 PM (0)
Apr 16, 10-11 PM (0)
Apr 16, 11-12 AM (5)
Apr 17, 12-1 AM (0)
Apr 17, 1-2 AM (0)
Apr 17, 2-3 AM (0)
Apr 17, 3-4 AM (0)
Apr 17, 4-5 AM (0)
Apr 17, 5-6 AM (0)
Apr 17, 6-7 AM (0)
Apr 17, 7-8 AM (0)
Apr 17, 8-9 AM (0)
Apr 17, 9-10 AM (5)
Apr 17, 10-11 AM (2)
Apr 17, 11-12 PM (8)
Apr 17, 12-1 PM (4)
Apr 17, 1-2 PM (1)
Apr 17, 2-3 PM (0)
Apr 17, 3-4 PM (0)
Apr 17, 4-5 PM (0)
Apr 17, 5-6 PM (0)
Apr 17, 6-7 PM (5)
Apr 17, 7-8 PM (0)
Apr 17, 8-9 PM (1)
Apr 17, 9-10 PM (3)
Apr 17, 10-11 PM (0)
Apr 17, 11-12 AM (0)
Apr 18, 12-1 AM (0)
Apr 18, 1-2 AM (0)
Apr 18, 2-3 AM (0)
Apr 18, 3-4 AM (0)
Apr 18, 4-5 AM (0)
Apr 18, 5-6 AM (0)
Apr 18, 6-7 AM (0)
Apr 18, 7-8 AM (0)
Apr 18, 8-9 AM (0)
Apr 18, 9-10 AM (0)
Apr 18, 10-11 AM (0)
Apr 18, 11-12 PM (0)
Apr 18, 12-1 PM (0)
Apr 18, 1-2 PM (0)
Apr 18, 2-3 PM (0)
Apr 18, 3-4 PM (0)
Apr 18, 4-5 PM (0)
Apr 18, 5-6 PM (0)
Apr 18, 6-7 PM (0)
Apr 18, 7-8 PM (0)
Apr 18, 8-9 PM (0)
Apr 18, 9-10 PM (0)
Apr 18, 10-11 PM (0)
Apr 18, 11-12 AM (0)
Apr 19, 12-1 AM (0)
Apr 19, 1-2 AM (0)
Apr 19, 2-3 AM (0)
Apr 19, 3-4 AM (0)
Apr 19, 4-5 AM (0)
Apr 19, 5-6 AM (0)
Apr 19, 6-7 AM (0)
Apr 19, 7-8 AM (2)
Apr 19, 8-9 AM (0)
Apr 19, 9-10 AM (0)
Apr 19, 10-11 AM (1)
Apr 19, 11-12 PM (0)
Apr 19, 12-1 PM (0)
Apr 19, 1-2 PM (0)
Apr 19, 2-3 PM (0)
Apr 19, 3-4 PM (0)
Apr 19, 4-5 PM (0)
Apr 19, 5-6 PM (0)
Apr 19, 6-7 PM (0)
Apr 19, 7-8 PM (0)
Apr 19, 8-9 PM (0)
Apr 19, 9-10 PM (0)
Apr 19, 10-11 PM (0)
Apr 19, 11-12 AM (0)
95 commits this week Apr 13, 2026 - Apr 20, 2026
TheSeydiCharyyev
TheSeydiCharyyev · · atala-prism-wallet-sdk-ts
fix(didcomm): handle keylist-update-response from mediator 
The SDK sent MediationKeysUpdateList to the mediator but did not process
the response, so per-recipient failures reported by the mediator went
unnoticed.

Register a handler for the keylist-update-response protocol message.
Each entry in body.updated is inspected; results other than success or
no_change are logged as warnings with the recipient DID and action.
Confirmed against the Identus mediator (MediatorCoordinationExecuter.scala)
which returns this response with tuples of (recipient_did, action, result).

Closes #391

Signed-off-by: Seydi Charyyev <[email protected]>
4fadbad2 · pull/566/head · 6/140 ++ 1 --
TheSeydiCharyyev
TheSeydiCharyyev · · atala-prism-wallet-sdk-ts
fix(pollux): check nbf claim in JWT.verify 
JWT.verify did not validate the nbf (not before) claim, so JWTs with nbf in the future were incorrectly considered valid. This is a security issue per RFC 7519 Section 4.1.5.

Added an explicit nbf check after JWT decode: if nbf is present and the current time is before it, verify() returns false. JWTs without an nbf claim keep the previous behavior (no nbf enforced).

This is a sister fix to #489/#550 (which addressed the exp claim).

Closes #551

Signed-off-by: Seydi Charyyev <[email protected]>
60b77a43 · pull/552/head · 2/62 ++ 0 --
TheSeydiCharyyev
TheSeydiCharyyev · · atala-prism-wallet-sdk-ts
fix(pollux): check exp claim in JWT.verify 
JWT.verify did not validate the exp (expiration) claim, so expired JWTs were incorrectly considered valid. This is a security issue per RFC 7519 Section 4.1.4.

Added an explicit exp check after JWT decode: if exp is present and the current time is at or past it, verify() returns false. JWTs without an exp claim keep the previous behavior (no expiration enforced).

Closes #489

Signed-off-by: Seydi Charyyev <[email protected]>
f1e3b07b · pull/550/head · 2/62 ++ 0 --
abhigyan1102
abhigyan1102 · · atala-prism-wallet-sdk-ts
fix(pollux): replace generic Error with domain-specific PolluxError/CastorError in JWT utils 
Replaces 13 instances of generic `throw new Error()` with domain-specific
error types (`PolluxError.InvalidCredentialError`, `CastorError.NotPossibleToResolveDID`,
`CastorError.InvalidKeyError`) across the JWT/SDJWT utility layer.

This enables callers to programmatically distinguish between error types
(e.g., invalid DID document vs invalid key vs invalid credential), which
is essential for the Identity Portal to display meaningful error messages.

Files changed:
- SDJWT.ts: 6 errors replaced
- JWT.ts: 4 errors replaced
- ResolveDID.ts: 1 error replaced
- CreateJwt.ts: 1 error replaced
- CreateSDJWT.ts: 1 error replaced
- Added tests for error type verification

Signed-off-by: Abhigyan Singh <[email protected]>
5ade7c97 · pull/542/head · 7/21 ++ 16 --
abhigyan1102
abhigyan1102 · · atala-prism-wallet-sdk-ts
fix(pollux): add exp/nbf validation and fix error logging in SDJWT.verify 
Fixes #553 — replaced console.log with silent catch in verification
error path, consistent with JWT.verify behavior.

Fixes #554 — added exp and nbf temporal claim validation per
RFC 7519 §4.1.4 and §4.1.5. SDJWT.verify now returns false for
expired or not-yet-valid credentials.

Changes:
- Check exp claim before signature verification; return false if expired
- Check nbf claim before signature verification; return false if too early
- Remove console.log(err) from catch block (was leaking error details)
- Change import from type-only to value import for Domain (needed for
  runtime access to JWT.Claims enum)

Signed-off-by: abhigyan1102 <[email protected]>
Signed-off-by: Abhigyan Singh <[email protected]>
db15a190 · pull/556/head · 1/17 ++ 4 --
TheSeydiCharyyev
TheSeydiCharyyev · · atala-prism-wallet-sdk-ts
fix(pollux): check nbf claim in JWT.verify 
JWT.verify did not validate the nbf (not before) claim, so JWTs with nbf in the future were incorrectly considered valid. This is a security issue per RFC 7519 Section 4.1.5.

Added an explicit nbf check after JWT decode: if nbf is present and the current time is before it, verify() returns false. JWTs without an nbf claim keep the previous behavior (no nbf enforced).

This is a sister fix to #489/#550 (which addressed the exp claim).

Closes #551

Signed-off-by: Seydi Charyyev <[email protected]>
42a2ab93 · pull/552/head · 2/62 ++ 0 --
TheSeydiCharyyev
TheSeydiCharyyev · · atala-prism-wallet-sdk-ts
fix(pollux): check exp claim in JWT.verify 
JWT.verify did not validate the exp (expiration) claim, so expired JWTs were incorrectly considered valid. This is a security issue per RFC 7519 Section 4.1.4.

Added an explicit exp check after JWT decode: if exp is present and the current time is at or past it, verify() returns false. JWTs without an exp claim keep the previous behavior (no expiration enforced).

Closes #489

Signed-off-by: Seydi Charyyev <[email protected]>
b7b82824 · pull/550/head · 2/62 ++ 0 --
Showing 25 of 95 recent commits. Check out Input Output on GitHub to see more.