Skip to content

Feature: PII Encapsulation #138

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
sephynox wants to merge 19 commits into
base: main
Choose a base branch
from
Open

Feature: PII Encapsulation #138

sephynox wants to merge 19 commits into from

Conversation

@sephynox
Copy link
Contributor

@sephynox sephynox commented Dec 16, 2025
edited
Loading

Overview

Adds encapsulation for transport of PII information. In footprint-kyc-anchor, instead of:

getPII(entityId: string, entityType: LegalEntityType, reason?: string): Promise<EntityPII>;

We can now do:

getPII(entityId: string, entityType: LegalEntityType, reason?: string): Promise<PIIStore>;

PIIStore (src/lib/utils/pii.ts)

  • Prevents accidental PII logging/serialization (redacts toString(), toJSON(), util.inspect())
  • setAttribute(name, value) - type-safe storage for known + external attributes
  • toSensitiveAttribute(name, subjectKey) - encrypts and returns SensitiveAttribute
  • run(get) - scoped callback with getter
  • toCertificateBuilder(builder) - applies all known attributes to certificate
  • PIIStore.fromCertificate(cert) - extracts attributes from existing certificate
  • PIIError with codes: PII_ATTRIBUTE_NOT_FOUND, PII_KNOWN_ATTRIBUTE_EXPOSURE_DENIED

SensitiveAttribute (src/lib/sensitive-attribute.ts)

  • Extracted from certificates.ts into dedicated module
  • SensitiveAttributeBuilder.build() now returns SensitiveAttribute<T> directly
  • set(name, value) - schema-aware encoding for known attributes
  • set(bytes) - raw bytes for external attributes
  • publicKey getter - returns encryption target public key
  • toDER() - returns raw encrypted bytes
  • isInstance() - static type guard

CertificateBuilder

  • setSensitiveAttribute(name, attr) - accepts pre-built SensitiveAttribute instances

@sephynox sephynox requested review from Srayman and rkeene December 16, 2025 20:26
@sephynox sephynox self-assigned this Dec 16, 2025
@sephynox sephynox added the enhancement New feature or request label Dec 16, 2025
Srayman
Srayman reviewed Dec 16, 2025
View reviewed changes
@sephynox sephynox requested a review from Srayman December 16, 2025 22:17
@sonarqubecloud
Copy link

sonarqubecloud bot commented Dec 17, 2025

Quality Gate Passed Quality Gate passed

Issues
7 New issues
0 Accepted issues

Measures
0 Security Hotspots
90.8% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

rkeene
rkeene reviewed Dec 18, 2025
View reviewed changes
src/lib/utils/pii.ts
import type * as KeetaNetClient from '@keetanetwork/keetanet-client';
import { CertificateAttributeOIDDB, type CertificateAttributeValueMap, type CertificateAttributeValue } from '../../services/kyc/iso20022.generated.js';
import type { CertificateBuilder, Certificate } from '../certificates.js';
import { SensitiveAttribute, SensitiveAttributeBuilder } from '../certificates.js';
Copy link
Member

@rkeene rkeene Dec 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is this using SensitiveAttribute if it never serializes the data to a buffer ?

Copy link
Contributor Author

@sephynox sephynox Dec 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am not sure what you mean? For known attributes it uses the builder. We can just not allow unknown attributes to be handled with toSensitiveAttribute unless you have a different idea.

Copy link
Member

@rkeene rkeene Jan 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I mean the SensitiveAttribute mechanism is for encrypting data to be validated (via proof later), it doesn't really make sense to encrypt data and then never use the encrypted data...

@sephynox sephynox requested a review from rkeene December 18, 2025 20:02
@sonarqubecloud
Copy link

sonarqubecloud bot commented Jan 20, 2026

Quality Gate Passed Quality Gate passed

Issues
7 New issues
0 Accepted issues

Measures
0 Security Hotspots
90.6% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Srayman Srayman Srayman approved these changes

@rkeene rkeene Awaiting requested review from rkeene

Assignees

@sephynox sephynox

Labels

enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@sephynox @rkeene @Srayman