Replace StatusList2021 (deprecated) with BitstringStatusList

.changeset/nasty-ways-change.md

@@ -0,0 +1,5 @@
+---
+"@agentcommercekit/vc": minor
+---
+
+Replaced StatusList2021 with BitstringStatusList for VC revocation

docs/demos/example-identity.mdx

@@ -12,7 +12,7 @@ The API supports issuing, verifying, and revoking two primary credential types:
 - **`ControllerCredential`**: proves ownership of DIDs (part of ACK-ID).
 - **`PaymentReceiptCredential`**: provides proof of payment meeting a Payment Request (part of ACK-Pay).
 
-The issuer implements credential revocation using [StatusList2021](https://www.w3.org/community/reports/credentials/CG-FINAL-vc-status-list-2021-20230102/), a privacy-preserving and efficient revocation list method.
+The issuer implements credential revocation using [Bitstring Status List](https://www.w3.org/TR/vc-bitstring-status-list/), a privacy-preserving and efficient revocation list method.
 
 ## Installation and Setup
 
@@ -158,7 +158,7 @@ curl --request DELETE \
 
 #### `GET /status/:listId`
 
-Retrieve StatusList2021 credential for revocation checks.
+Retrieve Bitstring Status List credential for revocation checks.
 
 **Sample cURL:**
 

examples/issuer/README.md

@@ -7,7 +7,7 @@ The API allows for the issuance, verification, and revocation of the following c
 - `ControllerCredential`: ACK-ID credentials that prove DID ownership hierarchies.
 - `PaymentReceiptCredential`: ACK-Pay credentials that provide proof of payment that satisfies a given Payment Request.
 
-This issuer supports credential revocation using [StatusList2021](https://www.w3.org/community/reports/credentials/CG-FINAL-vc-status-list-2021-20230102/), which is a privacy-preserving, space-efficient mechanism for maintaining a credential revocation list.
+This issuer supports credential revocation using [Bitstring Status List](https://www.w3.org/TR/vc-bitstring-status-list/), which is a privacy-preserving, space-efficient mechanism for maintaining a credential revocation list.
 
 ## Getting Started
 
@@ -269,7 +269,7 @@ curl --request DELETE \
 
 #### GET /status/:listId
 
-Retrieve a StatusList2021 credential for checking revocation status
+Retrieve a Bitstring Status List credential for checking revocation status
 
 **Response Body**
 

examples/issuer/src/routes/status.ts

@@ -9,7 +9,10 @@ import { database } from "@/middleware/database"
 import { didResolver } from "@/middleware/did-resolver"
 import { issuer } from "@/middleware/issuer"
 import type { ApiResponse } from "@repo/api-utils/api-response"
-import type { StatusList2021Credential, Verifiable } from "agentcommercekit"
+import type {
+  BitstringStatusListCredential,
+  Verifiable
+} from "agentcommercekit"
 import type { Env } from "hono"
 
 const app = new Hono<Env>()
@@ -21,16 +24,18 @@ app.use("*", didResolver())
 /**
  * GET /status/:listId
  *
- * @description Retrieves a StatusList2021 credential for checking revocation status
+ * @description Retrieves a BitstringStatusListCredential for checking revocation status
  *
  * URL Parameters:
  * - listId: string - ID of the status list to retrieve
  *
- * @returns Signed StatusList2021 credential with compressed bit string
+ * @returns Signed BitstringStatusListCredential with compressed bit string
  */
 app.get(
   "/:listId",
-  async (c): Promise<ApiResponse<Verifiable<StatusList2021Credential>>> => {
+  async (
+    c
+  ): Promise<ApiResponse<Verifiable<BitstringStatusListCredential>>> => {
     const listId = c.req.param("listId")
     const db = c.get("db")
     const issuer = c.get("issuer")

examples/verifier/README.md

@@ -5,7 +5,7 @@ This example showcases a **Credential Verifier** for [ACK-ID](https://www.agentc
 - `ControllerCredential`: ACK-ID credentials that prove DID ownership hierarchies.
 - `PaymentReceiptCredential`: ACK-Pay credentials that provide proof of payment that satisfies a given Payment Request.
 
-This verifier uses [StatusList2021](https://www.w3.org/community/reports/credentials/CG-FINAL-vc-status-list-2021-20230102/), to check if a credential is revoked.# Installation
+This verifier uses [Bitstring Status List](https://www.w3.org/TR/vc-bitstring-status-list/), to check if a credential is revoked.
 
 ## Getting Started
 
@@ -98,7 +98,7 @@ curl --request POST \
       },
       "credentialStatus": {
         "id": "http://localhost:3456/status/0#0",
-        "type": "StatusList2021Entry",
+        "type": "BitstringStatusListEntry",
         "statusPurpose": "revocation",
         "statusListIndex": "0",
         "statusListCredential": "http://localhost:3456/status/0"

packages/vc/src/revocation/is-status-list-credential.ts

@@ -1,13 +1,13 @@
 import * as v from "valibot"
 import { isCredential } from "../is-credential"
-import { statusList2021ClaimSchema } from "../schemas/valibot"
-import type { StatusList2021Credential } from "./types"
+import { bitstringStatusListClaimSchema } from "../schemas/valibot"
+import type { BitstringStatusListCredential } from "./types"
 import type { CredentialSubject } from "../types"
 
-function isStatusList2021Claim(
+function isStatusListClaim(
   credentialSubject: CredentialSubject
-): credentialSubject is v.InferOutput<typeof statusList2021ClaimSchema> {
-  return v.is(statusList2021ClaimSchema, credentialSubject)
+): credentialSubject is v.InferOutput<typeof bitstringStatusListClaimSchema> {
+  return v.is(bitstringStatusListClaimSchema, credentialSubject)
 }
 
 /**
@@ -18,9 +18,9 @@ function isStatusList2021Claim(
  */
 export function isStatusListCredential(
   credential: unknown
-): credential is StatusList2021Credential {
+): credential is BitstringStatusListCredential {
   if (!isCredential(credential)) {
     return false
   }
-  return isStatusList2021Claim(credential.credentialSubject)
+  return isStatusListClaim(credential.credentialSubject)
 }

packages/vc/src/revocation/make-revocable.test.ts

@@ -24,7 +24,7 @@ describe("makeRevocable", () => {
 
     expect(revocableCredential.credentialStatus).toEqual({
       id: mockStatusListId,
-      type: "StatusList2021Entry",
+      type: "BitstringStatusListEntry",
       statusPurpose: "revocation",
       statusListIndex: mockStatusListIndex.toString(),
       statusListCredential: mockStatusListUrl

packages/vc/src/revocation/make-revocable.ts

@@ -31,7 +31,7 @@ export function makeRevocable<T extends W3CCredential>(
     ...credential,
     credentialStatus: {
       id,
-      type: "StatusList2021Entry",
+      type: "BitstringStatusListEntry",
       statusPurpose: "revocation",
       statusListIndex: statusListIndex.toString(),
       statusListCredential: statusListUrl

packages/vc/src/revocation/status-list-credential.test.ts

@@ -13,10 +13,10 @@ describe("createStatusListCredential", () => {
 
     const credential = createStatusListCredential(params)
 
-    expect(credential.type).toContain("StatusList2021Credential")
+    expect(credential.type).toContain("BitstringStatusListCredential")
     expect(credential.issuer).toEqual({ id: issuer })
     expect(credential.credentialSubject).toBeDefined()
-    expect(credential.credentialSubject.type).toBe("StatusList2021")
+    expect(credential.credentialSubject.type).toBe("BitstringStatusList")
     expect(credential.credentialSubject.statusPurpose).toBe("revocation")
     expect(credential.credentialSubject.encodedList).toBe(params.encodedList)
   })

packages/vc/src/revocation/status-list-credential.ts

@@ -1,5 +1,5 @@
 import { createCredential } from "../create-credential"
-import type { StatusList2021Credential } from "./types"
+import type { BitstringStatusListCredential } from "./types"
 
 type CreateStatusListCredentialParams = {
   /**
@@ -20,20 +20,20 @@ type CreateStatusListCredentialParams = {
  * Generates a status list credential.
  *
  * @param params - The {@link CreateStatusListCredentialParams} to use
- * @returns A {@link StatusList2021Credential}
+ * @returns A {@link BitstringStatusListCredential}
  */
 export function createStatusListCredential({
   url,
   encodedList,
   issuer
-}: CreateStatusListCredentialParams): StatusList2021Credential {
+}: CreateStatusListCredentialParams): BitstringStatusListCredential {
   return createCredential({
     id: url,
-    type: "StatusList2021Credential",
+    type: "BitstringStatusListCredential",
     issuer,
     subject: `${url}#list`,
     attestation: {
-      type: "StatusList2021",
+      type: "BitstringStatusList",
       statusPurpose: "revocation",
       encodedList
     }

packages/vc/src/revocation/types.ts

@@ -1,19 +1,19 @@
-import type { statusList2021ClaimSchema } from "../schemas/valibot"
+import type { bitstringStatusListClaimSchema } from "../schemas/valibot"
 import type { W3CCredential } from "../types"
 import type * as v from "valibot"
 
-type StatusList2021Entry = {
+type BitstringStatusListEntry = {
   id: string
-  type: "StatusList2021Entry"
+  type: "BitstringStatusListEntry"
   statusPurpose: string
   statusListIndex: string
   statusListCredential: string
 }
 
-export type StatusList2021Credential = W3CCredential & {
-  credentialSubject: v.InferOutput<typeof statusList2021ClaimSchema>
+export type BitstringStatusListCredential = W3CCredential & {
+  credentialSubject: v.InferOutput<typeof bitstringStatusListClaimSchema>
 }
 
 export type Revocable<T extends W3CCredential> = T & {
-  credentialStatus: StatusList2021Entry
+  credentialStatus: BitstringStatusListEntry
 }

packages/vc/src/schemas/valibot.ts

@@ -36,9 +36,9 @@ export const jwtProofSchema = v.object({
   jwt: v.string()
 })
 
-export const statusList2021ClaimSchema = v.object({
+export const bitstringStatusListClaimSchema = v.object({
   id: v.string(),
-  type: v.literal("StatusList2021"),
+  type: v.literal("BitstringStatusList"),
   statusPurpose: v.string(),
   encodedList: v.string()
 })

packages/vc/src/schemas/zod/v3.ts

@@ -37,9 +37,9 @@ export const jwtProofSchema = z.object({
   jwt: z.string()
 })
 
-export const statusList2021ClaimSchema = z.object({
+export const bitstringStatusListClaimSchema = z.object({
   id: z.string(),
-  type: z.literal("StatusList2021"),
+  type: z.literal("BitstringStatusList"),
   statusPurpose: z.string(),
   encodedList: z.string()
 })

packages/vc/src/schemas/zod/v4.ts

@@ -36,9 +36,9 @@ export const jwtProofSchema = z.object({
   jwt: z.string()
 })
 
-export const statusList2021ClaimSchema = z.object({
+export const bitstringStatusListClaimSchema = z.object({
   id: z.string(),
-  type: z.literal("StatusList2021"),
+  type: z.literal("BitstringStatusList"),
   statusPurpose: z.string(),
   encodedList: z.string()
 })

packages/vc/src/verification/is-revoked.ts

@@ -1,6 +1,9 @@
 import { BitBuffer } from "bit-buffers"
 import { isStatusListCredential } from "../revocation/is-status-list-credential"
-import type { Revocable, StatusList2021Credential } from "../revocation/types"
+import type {
+  BitstringStatusListCredential,
+  Revocable
+} from "../revocation/types"
 import type { W3CCredential } from "../types"
 
 /**
@@ -21,7 +24,7 @@ export function isRevocable<T extends W3CCredential>(
 
 async function fetchStatusList(
   credential: Revocable<W3CCredential>
-): Promise<StatusList2021Credential | undefined> {
+): Promise<BitstringStatusListCredential | undefined> {
   const statusListUrl = credential.credentialStatus.statusListCredential
 
   try {