Use ec.PublicKey for wallet interface objects

Author: jchavannes

auth/clients/authhttp/authhttp_test.go

@@ -7,6 +7,7 @@ import (
 	"github.com/bsv-blockchain/go-sdk/auth"
 	"github.com/bsv-blockchain/go-sdk/auth/certificates"
 	"github.com/bsv-blockchain/go-sdk/auth/utils"
+	ec "github.com/bsv-blockchain/go-sdk/primitives/ec"
 	"github.com/bsv-blockchain/go-sdk/wallet"
 	"github.com/stretchr/testify/require"
 )
@@ -53,7 +54,7 @@ func TestNew(t *testing.T) {
 	mockWallet := wallet.NewMockWallet(t)
 	mockSessionManager := NewMockSessionManager()
 	requestedCerts := &utils.RequestedCertificateSet{
-		Certifiers:       []wallet.PubKey{},
+		Certifiers:       []*ec.PublicKey{},
 		CertificateTypes: make(utils.RequestedCertificateTypeIDAndFieldList),
 	}
 
@@ -74,7 +75,7 @@ func TestNewWithNilSessionManager(t *testing.T) {
 	// Set up dependencies
 	mockWallet := wallet.NewMockWallet(t)
 	requestedCerts := &utils.RequestedCertificateSet{
-		Certifiers:       []wallet.PubKey{},
+		Certifiers:       []*ec.PublicKey{},
 		CertificateTypes: make(utils.RequestedCertificateTypeIDAndFieldList),
 	}
 

auth/peer.go

@@ -103,7 +103,7 @@ func NewPeer(cfg *PeerOptions) *Peer {
 		peer.CertificatesToRequest = cfg.CertificatesToRequest
 	} else {
 		peer.CertificatesToRequest = &utils.RequestedCertificateSet{
-			Certifiers:       []wallet.PubKey{},
+			Certifiers:       []*ec.PublicKey{},
 			CertificateTypes: make(utils.RequestedCertificateTypeIDAndFieldList),
 		}
 	}

auth/peer_test.go

@@ -623,14 +623,14 @@ func TestPeerCertificateExchange(t *testing.T) {
 
 	// Set certificate requirements - We need to use the RAW type string here, not base64 encoded
 	aliceCertReqs := &utils.RequestedCertificateSet{
-		Certifiers: []wallet.PubKey{tu.GetByte33FromString("any")}, // "any" is special value that accepts any certifier
+		Certifiers: []*ec.PublicKey{tu.GetPKFromString("any")}, // "any" is special value that accepts any certifier
 		CertificateTypes: utils.RequestedCertificateTypeIDAndFieldList{
 			certType: []string{requiredField},
 		},
 	}
 
 	bobCertReqs := &utils.RequestedCertificateSet{
-		Certifiers: []wallet.PubKey{tu.GetByte33FromString("any")}, // "any" is special value that accepts any certifier
+		Certifiers: []*ec.PublicKey{tu.GetPKFromString("any")}, // "any" is special value that accepts any certifier
 		CertificateTypes: utils.RequestedCertificateTypeIDAndFieldList{
 			certType: []string{requiredField},
 		},
@@ -1157,7 +1157,7 @@ func TestPartialCertificateAcceptance(t *testing.T) {
 
 	// Setup certificate requirements - requesting two fields but accepting partial matches
 	requestedCertificates := &utils.RequestedCertificateSet{
-		Certifiers: []wallet.PubKey{tu.GetByte33FromString("any")},
+		Certifiers: []*ec.PublicKey{tu.GetPKFromString("any")},
 		CertificateTypes: utils.RequestedCertificateTypeIDAndFieldList{
 			certType: []string{"name", "email"},
 		},
@@ -1426,7 +1426,7 @@ func TestLibraryCardVerification(t *testing.T) {
 
 	// Setup certificate requirements - Alice requires Bob's library card number
 	alice.CertificatesToRequest = &utils.RequestedCertificateSet{
-		Certifiers: []wallet.PubKey{tu.GetByte33FromString("any")},
+		Certifiers: []*ec.PublicKey{tu.GetPKFromString("any")},
 		CertificateTypes: utils.RequestedCertificateTypeIDAndFieldList{
 			certType: []string{"cardNumber"},
 		},
@@ -1447,7 +1447,7 @@ func TestLibraryCardVerification(t *testing.T) {
 
 	// Alice explicitly requests Bob's certificate
 	err = alice.RequestCertificates(ctx, bobPubKey.PublicKey, utils.RequestedCertificateSet{
-		Certifiers: []wallet.PubKey{tu.GetByte33FromString("any")},
+		Certifiers: []*ec.PublicKey{tu.GetPKFromString("any")},
 		CertificateTypes: utils.RequestedCertificateTypeIDAndFieldList{
 			certType: []string{"cardNumber"},
 		},
@@ -1721,14 +1721,14 @@ func TestNonmatchingCertificateRejection(t *testing.T) {
 
 	// Create peers with different certificate requirements
 	aliceRequiredCerts := utils.RequestedCertificateSet{
-		Certifiers: []wallet.PubKey{tu.GetByte33FromString("any")},
+		Certifiers: []*ec.PublicKey{tu.GetPKFromString("any")},
 		CertificateTypes: utils.RequestedCertificateTypeIDAndFieldList{
 			certTypeA: []string{"name"}, // Alice only accepts partnerA certs
 		},
 	}
 
 	bobRequiredCerts := utils.RequestedCertificateSet{
-		Certifiers: []wallet.PubKey{tu.GetByte33FromString("any")},
+		Certifiers: []*ec.PublicKey{tu.GetPKFromString("any")},
 		CertificateTypes: utils.RequestedCertificateTypeIDAndFieldList{
 			certTypeB: []string{"name"}, // Bob only accepts partnerB certs
 		},

auth/types.go

@@ -6,7 +6,6 @@ import (
 	"encoding/base64"
 	"encoding/json"
 	"fmt"
-	"slices"
 	"sync"
 
 	"github.com/bsv-blockchain/go-sdk/auth/certificates"
@@ -109,13 +108,11 @@ func ValidateCertificates(
 				types := certificatesRequested.CertificateTypes
 
 				// Check certifier matches
-				var certifierKey wallet.PubKey
-				copy(certifierKey[:], cert.Certifier.ToDER())
-				if !slices.Contains(certifiers, certifierKey) {
+				if !utils.CertifierInSlice(certifiers, &cert.Certifier) {
 					errCh <- fmt.Errorf(
 						"certificate with serial number %s has an unrequested certifier: %x",
 						cert.SerialNumber,
-						certifierKey,
+						cert.Certifier.ToDER(),
 					)
 					return
 				}

auth/utils/get_verifiable_certificates.go

@@ -71,16 +71,10 @@ func GetVerifiableCertificates(ctx context.Context, options *GetVerifiableCertif
 			continue // Skip if no fields requested for this type
 		}
 
-		// Prepare verifier hex (empty if no key)
-		var verifierHex [33]byte
-		if options.VerifierIdentityKey != nil {
-			copy(verifierHex[:], options.VerifierIdentityKey.ToDER())
-		}
-
 		proveResult, err := options.Wallet.ProveCertificate(ctx, wallet.ProveCertificateArgs{
 			Certificate:      certResult.Certificate,
 			FieldsToReveal:   requestedFields,
-			Verifier:         verifierHex,
+			Verifier:         options.VerifierIdentityKey,
 			Privileged:       &options.Privileged,
 			PrivilegedReason: options.PrivilegedReason,
 		}, "")

auth/utils/get_verifiable_certificates_test.go

@@ -44,7 +44,7 @@ func TestGetVerifiableCertificates(t *testing.T) {
 		keyring2Base64 := base64.StdEncoding.EncodeToString([]byte("key2"))
 
 		requestedCerts := &RequestedCertificateSet{
-			Certifiers: []wallet.PubKey{tu.GetByte33FromString("certifier1"), tu.GetByte33FromString("certifier2")},
+			Certifiers: []*ec.PublicKey{tu.GetPKFromString("certifier1"), tu.GetPKFromString("certifier2")},
 			CertificateTypes: RequestedCertificateTypeIDAndFieldList{
 				certType1: {"field1", "field2"},
 				certType2: {"field3"},
@@ -113,7 +113,7 @@ func TestGetVerifiableCertificates(t *testing.T) {
 		mockWallet := wallet.NewMockWallet(t)
 
 		requestedCerts := &RequestedCertificateSet{
-			Certifiers: []wallet.PubKey{tu.GetByte33FromString("certifier1")},
+			Certifiers: []*ec.PublicKey{tu.GetPKFromString("certifier1")},
 			CertificateTypes: RequestedCertificateTypeIDAndFieldList{
 				certType1: {"field1"},
 			},
@@ -143,7 +143,7 @@ func TestGetVerifiableCertificates(t *testing.T) {
 		mockWallet := wallet.NewMockWallet(t)
 
 		requestedCerts := &RequestedCertificateSet{
-			Certifiers: []wallet.PubKey{tu.GetByte33FromString("certifier1")},
+			Certifiers: []*ec.PublicKey{tu.GetPKFromString("certifier1")},
 			CertificateTypes: RequestedCertificateTypeIDAndFieldList{
 				certType1: {"field1"},
 			},

auth/utils/validate_certificates.go

@@ -6,8 +6,6 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
-	"slices"
-
 	"github.com/bsv-blockchain/go-sdk/auth/certificates"
 	ec "github.com/bsv-blockchain/go-sdk/primitives/ec"
 	"github.com/bsv-blockchain/go-sdk/wallet"
@@ -56,12 +54,24 @@ func (m *RequestedCertificateTypeIDAndFieldList) UnmarshalJSON(data []byte) erro
 // RequestedCertificateSet represents a set of requested certificates
 type RequestedCertificateSet struct {
 	// Array of public keys that must have signed the certificates
-	Certifiers []wallet.PubKey
+	Certifiers []*ec.PublicKey
 
 	// Map of certificate type IDs to field names that must be included
 	CertificateTypes RequestedCertificateTypeIDAndFieldList
 }
 
+func CertifierInSlice(certifiers []*ec.PublicKey, certifier *ec.PublicKey) bool {
+	if certifier == nil {
+		return false
+	}
+	for _, c := range certifiers {
+		if c.IsEqual(certifier) {
+			return true
+		}
+	}
+	return false
+}
+
 // isEmptyPublicKey checks if a public key is empty/uninitialized
 func isEmptyPublicKey(key ec.PublicKey) bool {
 	return key.X == nil || key.Y == nil
@@ -114,9 +124,8 @@ func ValidateCertificates(
 			if certificatesRequested != nil {
 				// Check certifier matches
 				if !isEmptyPublicKey(cert.Certifier) {
-					var certifierKey wallet.PubKey
-					copy(certifierKey[:], cert.Certifier.ToDER())
-					if !slices.Contains(certificatesRequested.Certifiers, certifierKey) {
+					certifierKey := &cert.Certifier
+					if !CertifierInSlice(certificatesRequested.Certifiers, certifierKey) {
 						errCh <- fmt.Errorf("certificate with serial number %s has an unrequested certifier: %x",
 							cert.SerialNumber, certifierKey)
 						return

auth/utils/validate_certificates_test.go

@@ -2,7 +2,6 @@ package utils
 
 import (
 	"context"
-	"slices"
 	"testing"
 
 	"github.com/bsv-blockchain/go-sdk/auth/certificates"
@@ -38,7 +37,7 @@ func TestValidateCertificatesFunctionality(t *testing.T) {
 	require.NoError(t, err)
 	differentSubjectKey := differentSubject.PubKey()
 
-	anyCertifier := wallet.PubKey(tu.GetByte33FromString("any"))
+	anyCertifier := tu.GetPKFromString("any")
 
 	var requestedType [32]byte
 	copy(requestedType[:], "requested_type")
@@ -95,36 +94,34 @@ func TestValidateCertificatesFunctionality(t *testing.T) {
 	t.Run("throws an error for unrequested certifier", func(t *testing.T) {
 		// Create certificate request with different certifier
 		certificatesRequested := &RequestedCertificateSet{
-			Certifiers: []wallet.PubKey{tu.GetByte33FromString("another_certifier")}, // Different from certifierHex
+			Certifiers: []*ec.PublicKey{tu.GetPKFromString("another_certifier")},
 			CertificateTypes: RequestedCertificateTypeIDAndFieldList{
 				requestedType: []string{"field1"},
 			},
 		}
 
 		// Check certifier match logic
-		var certifierKey wallet.PubKey
-		copy(certifierKey[:], validCertifierKey.ToDER())
-		assert.False(t, slices.Contains(certificatesRequested.Certifiers, certifierKey))
+		assert.False(t, CertifierInSlice(certificatesRequested.Certifiers, validCertifierKey))
 		// The logic in ValidateCertificates would have raised an error here
 	})
 
 	t.Run("accepts 'any' as a certifier match", func(t *testing.T) {
 		// Create certificate request with "any" certifier
 		certificatesRequested := &RequestedCertificateSet{
-			Certifiers: []wallet.PubKey{anyCertifier},
+			Certifiers: []*ec.PublicKey{anyCertifier},
 			CertificateTypes: RequestedCertificateTypeIDAndFieldList{
 				requestedType: []string{"field1"},
 			},
 		}
 
 		// "any" should match any certifier value
-		assert.True(t, slices.Contains(certificatesRequested.Certifiers, anyCertifier))
+		assert.True(t, CertifierInSlice(certificatesRequested.Certifiers, anyCertifier))
 	})
 
 	t.Run("throws an error for unrequested certificate type", func(t *testing.T) {
 		// Create certificate request with different type
 		certificatesRequested := &RequestedCertificateSet{
-			Certifiers: []wallet.PubKey{anyCertifier},
+			Certifiers: []*ec.PublicKey{anyCertifier},
 			CertificateTypes: RequestedCertificateTypeIDAndFieldList{
 				anotherType: []string{"field1"}, // Different from "requested_type"
 			},
@@ -138,7 +135,7 @@ func TestValidateCertificatesFunctionality(t *testing.T) {
 	t.Run("validate certificates request set validation", func(t *testing.T) {
 		// Test empty certifiers
 		req := &RequestedCertificateSet{
-			Certifiers: []wallet.PubKey{},
+			Certifiers: []*ec.PublicKey{},
 			CertificateTypes: RequestedCertificateTypeIDAndFieldList{
 				type1: []string{"field1"},
 			},
@@ -149,7 +146,7 @@ func TestValidateCertificatesFunctionality(t *testing.T) {
 
 		// Test empty types
 		req = &RequestedCertificateSet{
-			Certifiers:       []wallet.PubKey{tu.GetByte33FromString("certifier1")},
+			Certifiers:       []*ec.PublicKey{tu.GetPKFromString("certifier1")},
 			CertificateTypes: RequestedCertificateTypeIDAndFieldList{},
 		}
 		err = ValidateRequestedCertificateSet(req)
@@ -158,7 +155,7 @@ func TestValidateCertificatesFunctionality(t *testing.T) {
 
 		// Test empty type name
 		req = &RequestedCertificateSet{
-			Certifiers: []wallet.PubKey{tu.GetByte33FromString("certifier1")},
+			Certifiers: []*ec.PublicKey{tu.GetPKFromString("certifier1")},
 			CertificateTypes: RequestedCertificateTypeIDAndFieldList{
 				[32]byte{}: []string{"field1"},
 			},
@@ -169,7 +166,7 @@ func TestValidateCertificatesFunctionality(t *testing.T) {
 
 		// Test empty fields
 		req = &RequestedCertificateSet{
-			Certifiers: []wallet.PubKey{tu.GetByte33FromString("certifier1")},
+			Certifiers: []*ec.PublicKey{tu.GetPKFromString("certifier1")},
 			CertificateTypes: RequestedCertificateTypeIDAndFieldList{
 				type1: []string{},
 			},
@@ -180,7 +177,7 @@ func TestValidateCertificatesFunctionality(t *testing.T) {
 
 		// Test valid request
 		req = &RequestedCertificateSet{
-			Certifiers: []wallet.PubKey{tu.GetByte33FromString("certifier1")},
+			Certifiers: []*ec.PublicKey{tu.GetPKFromString("certifier1")},
 			CertificateTypes: RequestedCertificateTypeIDAndFieldList{
 				type1: []string{"field1"},
 			},

auth/validate_certificates_test.go

@@ -34,7 +34,7 @@ func TestValidateCertificates(t *testing.T) {
 		copy(certType[:], "requested_type")
 		// Test validate certificate requirements struct
 		reqs := &utils.RequestedCertificateSet{
-			Certifiers: []wallet.PubKey{tu.GetByte33FromString("valid_certifier")},
+			Certifiers: []*ec.PublicKey{tu.GetPKFromString("valid_certifier")},
 			CertificateTypes: utils.RequestedCertificateTypeIDAndFieldList{
 				certType: {"field1"},
 			},
@@ -137,17 +137,13 @@ func TestValidateCertificates(t *testing.T) {
 			IdentityKey:  subjectIdentityKey.PublicKey, // Fixed: use subject's key
 		}
 
-		// Create certificate requirements
-		var certifierHex [33]byte
-		copy(certifierHex[:], certifierIdentityKey.PublicKey.Compressed())
-
 		// Convert masterCert.Type from StringBase64 to Base64Bytes32
 		var certType32 wallet.CertificateType
 		typeBytes, _ := base64.StdEncoding.DecodeString(string(masterCert.Type))
 		copy(certType32[:], typeBytes)
 
 		certReqs := &utils.RequestedCertificateSet{
-			Certifiers: []wallet.PubKey{certifierHex},
+			Certifiers: []*ec.PublicKey{certifierIdentityKey.PublicKey},
 			CertificateTypes: utils.RequestedCertificateTypeIDAndFieldList{
 				certType32: []string{"name", "email"},
 			},
@@ -231,17 +227,13 @@ func TestValidateCertificates(t *testing.T) {
 			IdentityKey:  subjectIdentityKey.PublicKey,
 		}
 
-		// Create requirements
-		var subjectHex [33]byte
-		copy(subjectHex[:], subjectIdentityKey.PublicKey.Compressed())
-
 		// Convert certTypeBase64 from string to Base64Bytes32
 		var certType32 wallet.CertificateType
 		typeBytes, _ := base64.StdEncoding.DecodeString(certTypeBase64)
 		copy(certType32[:], typeBytes)
 
 		certReqs := &utils.RequestedCertificateSet{
-			Certifiers: []wallet.PubKey{subjectHex},
+			Certifiers: []*ec.PublicKey{subjectIdentityKey.PublicKey},
 			CertificateTypes: utils.RequestedCertificateTypeIDAndFieldList{
 				certType32: []string{"owner"},
 			},

docs/examples/identity_client/main.go

@@ -6,6 +6,7 @@ import (
 	"log"
 
 	"github.com/bsv-blockchain/go-sdk/identity"
+	ec "github.com/bsv-blockchain/go-sdk/primitives/ec"
 	"github.com/bsv-blockchain/go-sdk/wallet"
 )
 
@@ -76,10 +77,16 @@ func main() {
 	// -------------------------------------------------------------------------
 	// EXAMPLE 3: Resolve identity by identity key
 	// -------------------------------------------------------------------------
+	// Create a valid identity key for the example
+	identityPubKey, err := ec.NewPrivateKey()
+	if err != nil {
+		log.Fatalf("Failed to create identity key: %v", err)
+	}
+
 	identities, err := client.ResolveByIdentityKey(
 		context.Background(),
 		wallet.DiscoverByIdentityKeyArgs{
-			IdentityKey: [33]byte{0x01, 0x02, 0x03},
+			IdentityKey: identityPubKey.PubKey(),
 		},
 	)
 	if err != nil {