refactor(did): migrate from github.com/MetaMask/go-did-it to code.sonr.org/go/did-it

document the crypto package

.github/Repo.toml

@@ -0,0 +1,10 @@
+[scopes]
+ci = [".github/workflows"]
+config = [".github", "go.mod", "go.sum", ".gitignore"]
+docs = ["Readme.md", "crypto/Readme.md", "design.md", "LICENSE.md"]
+tests = ["didtest", "verifiers/did-key/testvectors"]
+core = ["*.go"]
+crypto = ["crypto"]
+verifiers = ["verifiers"]
+controller = ["controller"]
+document = ["document"]

Readme.md

@@ -2,19 +2,19 @@
   <h1 align="center">go-did-it</h1>
 
   <p>
-    <a href="https://github.com/MetaMask/go-did-it/tags">
+    <a href="https://code.sonr.org/go/did-it/tags">
         <img alt="GitHub Tag" src="https://img.shields.io/github/v/tag/MetaMask/go-did-it">
     </a>
-    <a href="https://github.com/MetaMask/go-did-it/actions?query=">
-      <img src="https://github.com/MetaMask/go-did-it/actions/workflows/gotest.yml/badge.svg" alt="Build Status">
+    <a href="https://code.sonr.org/go/did-it/actions?query=">
+      <img src="https://code.sonr.org/go/did-it/actions/workflows/gotest.yml/badge.svg" alt="Build Status">
     </a>
     <a href="https://MetaMask.github.io/go-did-it/dev/bench/">
         <img alt="Go benchmarks" src="https://img.shields.io/badge/Benchmarks-go-blue">
     </a>
-    <a href="https://github.com/MetaMask/go-did-it/blob/v1/LICENSE.md">
+    <a href="https://code.sonr.org/go/did-it/blob/v1/LICENSE.md">
         <img alt="Apache 2.0 + MIT License" src="https://img.shields.io/badge/License-Apache--2.0+MIT-green">
     </a>
-    <a href="https://pkg.go.dev/github.com/MetaMask/go-did-it">
+    <a href="https://pkg.go.dev/code.sonr.org/go/did-it">
       <img src="https://img.shields.io/badge/Docs-godoc-blue" alt="Docs">
     </a>
   </p>
@@ -36,7 +36,7 @@ Built with ❤️ by [Consensys](https://consensys.io/).
 ## Installation
 
 ```bash
-go get github.com/MetaMask/go-did-it
+go get code.sonr.org/go/did-it
 ```
 
 ## Usage
@@ -52,10 +52,10 @@ import (
 	"encoding/base64"
 	"fmt"
 
-	"github.com/MetaMask/go-did-it"
+	"code.sonr.org/go/did-it"
 	
 	// 0) Import the methods you want to support
-	_ "github.com/MetaMask/go-did-it/verifiers/did-key"
+	_ "code.sonr.org/go/did-it/verifiers/did-key"
 )
 
 func main() {
@@ -90,11 +90,11 @@ import (
 	"encoding/base64"
 	"fmt"
 
-	"github.com/MetaMask/go-did-it"
-	"github.com/MetaMask/go-did-it/crypto/x25519"
+	"code.sonr.org/go/did-it"
+	"code.sonr.org/go/did-it/crypto/x25519"
 
 	// 0) Import the methods you want to support
-	_ "github.com/MetaMask/go-did-it/verifiers/did-key"
+	_ "code.sonr.org/go/did-it/verifiers/did-key"
 )
 
 func main() {

controller/did-key/key.go

@@ -1,9 +1,9 @@
 package didkeyctl
 
 import (
-	"github.com/MetaMask/go-did-it"
-	"github.com/MetaMask/go-did-it/crypto"
-	didkey "github.com/MetaMask/go-did-it/verifiers/did-key"
+	"code.sonr.org/go/did-it"
+	"code.sonr.org/go/did-it/crypto"
+	didkey "code.sonr.org/go/did-it/verifiers/did-key"
 )
 
 func FromPublicKey(pub crypto.PublicKey) did.DID {

crypto/Readme.md

@@ -0,0 +1,93 @@
+# Crypto package
+
+This crypto package is a thin ergonomic layer on top of the normal golang crypto packages or `x/crypto`.
+
+It aims to solve the following problems with the standard crypto packages:
+- different algorithms have different APIs and ergonomics, which makes it hard to use them interchangeably
+- occasionally, it's quite hard to figure out how to do simple tasks (like encoding/decoding keys)
+- it's still necessary to make some educated choices (e.g. which hash function to use for signatures)
+- sometimes features are left out (e.g. ed25519 to X25519 for key exchange, secp256k1...)
+- some hash functions are not available in the standard library with no easy way to extend it (e.g. KECCAK-256)
+
+To do so, this package provides and implements a set of shared interfaces for all algorithms. As not all algorithms
+support all features (e.g. RSA keys don't support key exchange), some interfaces are optionally implemented.
+
+An additional benefit of shared interfaces is that a shared test suite can be written to test all algorithms, which this
+package does.
+
+Note: this is not a dig or a criticism of the golang crypto packages, just an attempt to make them easier to use.
+
+## Example
+
+```go
+// This example demonstrates how to use the crypto package without going over all the features.
+// We will use P-256 keys, but they all work the same way (although not all have all the features).
+
+// 0: Generate a key pair
+pubAlice, privAlice, err := p256.GenerateKeyPair()
+handleErr(err)
+
+// 1: Serialize a key, read it back, verify it's the same
+privAliceBytes := privAlice.ToPKCS8DER()
+privAlice2, err := p256.PrivateKeyFromPKCS8DER(privAliceBytes)
+handleErr(err)
+fmt.Println("Keys are equals:", privAlice.Equal(privAlice2))
+
+// 2: Sign a message, verify the signature.
+// Signatures can be made in raw bytes (SignToBytes) or ASN.1 DER format (SignToASN1).
+msg := []byte("hello world")
+sig, err := privAlice.SignToBytes(msg)
+handleErr(err)
+fmt.Println("Signature is valid:", pubAlice.VerifyBytes(msg, sig))
+
+// 3: Signatures are done with an opinionated default configuration, but you can override it.
+// For example, the default hash function for P-256 is SHA-256, but you can use SHA-384 instead.
+opts := []crypto.SigningOption{crypto.WithSigningHash(crypto.SHA384)}
+sig384, err := privAlice.SignToBytes(msg, opts...)
+handleErr(err)
+fmt.Println("Signature is valid (SHA-384):", pubAlice.VerifyBytes(msg, sig384, opts...))
+
+// 4: Key exchange: generate a second key-pair and compute a shared secret.
+// ⚠️ Security Warning: The shared secret returned by key agreement should NOT be used directly as an encryption key.
+// It must be processed through a Key Derivation Function (KDF) such as HKDF before being used in cryptographic protocols.
+// Using the raw shared secret directly can lead to security vulnerabilities.
+pubBob, privBob, err := p256.GenerateKeyPair()
+handleErr(err)
+shared1, err := privAlice.KeyExchange(pubBob)
+handleErr(err)
+shared2, err := privBob.KeyExchange(pubAlice)
+handleErr(err)
+fmt.Println("Shared secrets are identical:", bytes.Equal(shared1, shared2))
+
+// 5: Bonus: one very annoying thing in cryptographic protocols is that the other side needs to know the configuration
+// you used for your signature. Having defaults or implied config only work sor far.
+// To solve this problem, this package integrates varsig: a format to describe the signing configuration. This varsig
+// can be attached to the signature, and the other side doesn't have to guess any more. Here is how it works:
+varsigBytes := privAlice.Varsig(opts...).Encode()
+fmt.Println("Varsig:", base64.StdEncoding.EncodeToString(varsigBytes))
+sig, err = privAlice.SignToBytes(msg, opts...)
+handleErr(err)
+varsigDecoded, err := varsig.Decode(varsigBytes)
+handleErr(err)
+fmt.Println("Signature with varsig is valid:", pubAlice.VerifyBytes(msg, sig, crypto.WithVarsig(varsigDecoded)))
+
+// Output:
+// Keys are equals: true
+// Signature is valid: true
+// Signature is valid (SHA-384): true
+// Shared secrets are identical: true
+// Varsig: NAHsAYAkIF8=
+// Signature with varsig is valid: true
+```
+
+## Supported Cryptographic Algorithms
+
+| Algorithm       | Signature Format  | Public Key Formats                  | Private Key Formats       | Key Agreement  |
+|-----------------|-------------------|-------------------------------------|---------------------------|----------------|
+| Ed25519         | Raw bytes, ASN.1  | Raw bytes, X.509 DER/PEM, Multibase | Raw bytes, PKCS#8 DER/PEM | ✅ (via X25519) |
+| ECDSA P-256     | Raw bytes, ASN.1  | Raw bytes, X.509 DER/PEM, Multibase | Raw bytes, PKCS#8 DER/PEM | ✅              |
+| ECDSA P-384     | Raw bytes, ASN.1  | Raw bytes, X.509 DER/PEM, Multibase | Raw bytes, PKCS#8 DER/PEM | ✅              |
+| ECDSA P-521     | Raw bytes, ASN.1  | Raw bytes, X.509 DER/PEM, Multibase | Raw bytes, PKCS#8 DER/PEM | ✅              |
+| ECDSA secp256k1 | Raw bytes, ASN.1  | Raw bytes, X.509 DER/PEM, Multibase | Raw bytes, PKCS#8 DER/PEM | ✅              |
+| RSA             | PKCS#1 v1.5 ASN.1 | X.509 DER/PEM, Multibase            | PKCS#8 DER/PEM            | ❌              |
+| X25519          | ❌                 | Raw bytes, X.509 DER/PEM, Multibase | Raw bytes, PKCS#8 DER/PEM | ✅              |

crypto/_allkeys/allkeys.go

@@ -3,15 +3,15 @@ package allkeys
 import (
 	"fmt"
 
-	"github.com/MetaMask/go-did-it/crypto"
-	"github.com/MetaMask/go-did-it/crypto/ed25519"
-	helpers "github.com/MetaMask/go-did-it/crypto/internal"
-	"github.com/MetaMask/go-did-it/crypto/p256"
-	"github.com/MetaMask/go-did-it/crypto/p384"
-	"github.com/MetaMask/go-did-it/crypto/p521"
-	"github.com/MetaMask/go-did-it/crypto/rsa"
-	"github.com/MetaMask/go-did-it/crypto/secp256k1"
-	"github.com/MetaMask/go-did-it/crypto/x25519"
+	"code.sonr.org/go/did-it/crypto"
+	"code.sonr.org/go/did-it/crypto/ed25519"
+	helpers "code.sonr.org/go/did-it/crypto/internal"
+	"code.sonr.org/go/did-it/crypto/p256"
+	"code.sonr.org/go/did-it/crypto/p384"
+	"code.sonr.org/go/did-it/crypto/p521"
+	"code.sonr.org/go/did-it/crypto/rsa"
+	"code.sonr.org/go/did-it/crypto/secp256k1"
+	"code.sonr.org/go/did-it/crypto/x25519"
 )
 
 var decoders = map[uint64]func(b []byte) (crypto.PublicKey, error){

crypto/_testsuite/testsuite.go

@@ -11,9 +11,10 @@ import (
 	"github.com/stretchr/testify/require"
 	"github.com/ucan-wg/go-varsig"
 
-	"github.com/MetaMask/go-did-it/crypto"
+	"code.sonr.org/go/did-it/crypto"
 )
 
+// TestHarness describes a keypair implementation for the test/bench suites to operate on.
 type TestHarness[PubT crypto.PublicKey, PrivT crypto.PrivateKey] struct {
 	Name string
 
@@ -38,6 +39,7 @@ type TestHarness[PubT crypto.PublicKey, PrivT crypto.PrivateKey] struct {
 	SignatureBytesSize  int
 }
 
+// TestSuite runs a set of tests against a keypair implementation.
 func TestSuite[PubT crypto.PublicKey, PrivT crypto.PrivateKey](t *testing.T, harness TestHarness[PubT, PrivT]) {
 	stats := struct {
 		bytesPubSize  int
@@ -337,6 +339,7 @@ func TestSuite[PubT crypto.PublicKey, PrivT crypto.PrivateKey](t *testing.T, har
 	})
 }
 
+// BenchSuite runs a set of benchmarks on a keypair implementation.
 func BenchSuite[PubT crypto.PublicKey, PrivT crypto.PrivateKey](b *testing.B, harness TestHarness[PubT, PrivT]) {
 	b.Run("GenerateKeyPair", func(b *testing.B) {
 		b.ReportAllocs()

crypto/ed25519/key_test.go

@@ -3,8 +3,8 @@ package ed25519
 import (
 	"testing"
 
-	"github.com/MetaMask/go-did-it/crypto"
-	"github.com/MetaMask/go-did-it/crypto/_testsuite"
+	"code.sonr.org/go/did-it/crypto"
+	"code.sonr.org/go/did-it/crypto/_testsuite"
 )
 
 var harness = testsuite.TestHarness[PublicKey, PrivateKey]{

crypto/ed25519/private.go

@@ -9,7 +9,7 @@ import (
 	"github.com/ucan-wg/go-varsig"
 	"golang.org/x/crypto/cryptobyte"
 
-	"github.com/MetaMask/go-did-it/crypto"
+	"code.sonr.org/go/did-it/crypto"
 )
 
 var _ crypto.PrivateKeySigningBytes = &PrivateKey{}

crypto/ed25519/public.go

@@ -10,8 +10,8 @@ import (
 	"github.com/ucan-wg/go-varsig"
 	"golang.org/x/crypto/cryptobyte"
 
-	"github.com/MetaMask/go-did-it/crypto"
-	"github.com/MetaMask/go-did-it/crypto/internal"
+	"code.sonr.org/go/did-it/crypto"
+	"code.sonr.org/go/did-it/crypto/internal"
 )
 
 var _ crypto.PublicKeySigningBytes = PublicKey{}

crypto/example_test.go

@@ -0,0 +1,79 @@
+package crypto_test
+
+import (
+	"bytes"
+	"encoding/base64"
+	"fmt"
+
+	"github.com/ucan-wg/go-varsig"
+
+	"code.sonr.org/go/did-it/crypto"
+	"code.sonr.org/go/did-it/crypto/p256"
+)
+
+func Example() {
+	// This example demonstrates how to use the crypto package without going over all the features.
+	// We will use P-256 keys, but they all work the same way (although not all have all the features).
+
+	// 0: Generate a key pair
+	pubAlice, privAlice, err := p256.GenerateKeyPair()
+	handleErr(err)
+
+	// 1: Serialize a key, read it back, verify it's the same
+	privAliceBytes := privAlice.ToPKCS8DER()
+	privAlice2, err := p256.PrivateKeyFromPKCS8DER(privAliceBytes)
+	handleErr(err)
+	fmt.Println("Keys are equals:", privAlice.Equal(privAlice2))
+
+	// 2: Sign a message, verify the signature.
+	// Signatures can be made in raw bytes (SignToBytes) or ASN.1 DER format (SignToASN1).
+	msg := []byte("hello world")
+	sig, err := privAlice.SignToBytes(msg)
+	handleErr(err)
+	fmt.Println("Signature is valid:", pubAlice.VerifyBytes(msg, sig))
+
+	// 3: Signatures are done with an opinionated default configuration, but you can override it.
+	// For example, the default hash function for P-256 is SHA-256, but you can use SHA-384 instead.
+	opts := []crypto.SigningOption{crypto.WithSigningHash(crypto.SHA384)}
+	sig384, err := privAlice.SignToBytes(msg, opts...)
+	handleErr(err)
+	fmt.Println("Signature is valid (SHA-384):", pubAlice.VerifyBytes(msg, sig384, opts...))
+
+	// 4: Key exchange: generate a second key-pair and compute a shared secret.
+	// ⚠️ Security Warning: The shared secret returned by key agreement should NOT be used directly as an encryption key.
+	// It must be processed through a Key Derivation Function (KDF) such as HKDF before being used in cryptographic protocols.
+	// Using the raw shared secret directly can lead to security vulnerabilities.
+	pubBob, privBob, err := p256.GenerateKeyPair()
+	handleErr(err)
+	shared1, err := privAlice.KeyExchange(pubBob)
+	handleErr(err)
+	shared2, err := privBob.KeyExchange(pubAlice)
+	handleErr(err)
+	fmt.Println("Shared secrets are identical:", bytes.Equal(shared1, shared2))
+
+	// 5: Bonus: one very annoying thing in cryptographic protocols is that the other side needs to know the configuration
+	// you used for your signature. Having defaults or implied config only work sor far.
+	// To solve this problem, this package integrates varsig: a format to describe the signing configuration. This varsig
+	// can be attached to the signature, and the other side doesn't have to guess any more. Here is how it works:
+	varsigBytes := privAlice.Varsig(opts...).Encode()
+	fmt.Println("Varsig:", base64.StdEncoding.EncodeToString(varsigBytes))
+	sig, err = privAlice.SignToBytes(msg, opts...)
+	handleErr(err)
+	varsigDecoded, err := varsig.Decode(varsigBytes)
+	handleErr(err)
+	fmt.Println("Signature with varsig is valid:", pubAlice.VerifyBytes(msg, sig, crypto.WithVarsig(varsigDecoded)))
+
+	// Output:
+	// Keys are equals: true
+	// Signature is valid: true
+	// Signature is valid (SHA-384): true
+	// Shared secrets are identical: true
+	// Varsig: NAHsAYAkIF8=
+	// Signature with varsig is valid: true
+}
+
+func handleErr(err error) {
+	if err != nil {
+		panic(err)
+	}
+}

crypto/hash.go

@@ -12,6 +12,7 @@ import (
 // As the standard crypto library prohibits from registering additional hash algorithm (like keccak),
 // below is essentially an extension of that mechanism to allow it.
 
+// Hash is similar to crypto.Hash but can be extended with more values.
 type Hash uint
 
 const (
@@ -50,6 +51,7 @@ func (h Hash) HashFunc() Hash {
 	return h
 }
 
+// String returns the name of the hash function.
 func (h Hash) String() string {
 	if h < maxStdHash {
 		return stdcrypto.Hash(h).String()
@@ -75,6 +77,7 @@ func (h Hash) New() hash.Hash {
 	panic("requested hash function #" + strconv.Itoa(int(h)) + " is unavailable")
 }
 
+// ToVarsigHash returns the corresponding varsig.Hash value.
 func (h Hash) ToVarsigHash() varsig.Hash {
 	if h == MD5SHA1 {
 		panic("no multihash/multicodec value exists for MD5+SHA1")
@@ -85,6 +88,7 @@ func (h Hash) ToVarsigHash() varsig.Hash {
 	panic("requested hash #" + strconv.Itoa(int(h)) + " is unavailable")
 }
 
+// FromVarsigHash converts a varsig.Hash value to the corresponding Hash value.
 func FromVarsigHash(h varsig.Hash) Hash {
 	switch h {
 	case varsig.HashMd4:

crypto/jwk/private.go

@@ -5,16 +5,17 @@ import (
 	"encoding/json"
 	"fmt"
 
-	"github.com/MetaMask/go-did-it/crypto"
-	"github.com/MetaMask/go-did-it/crypto/ed25519"
-	"github.com/MetaMask/go-did-it/crypto/p256"
-	"github.com/MetaMask/go-did-it/crypto/p384"
-	"github.com/MetaMask/go-did-it/crypto/p521"
-	"github.com/MetaMask/go-did-it/crypto/rsa"
-	"github.com/MetaMask/go-did-it/crypto/secp256k1"
-	"github.com/MetaMask/go-did-it/crypto/x25519"
+	"code.sonr.org/go/did-it/crypto"
+	"code.sonr.org/go/did-it/crypto/ed25519"
+	"code.sonr.org/go/did-it/crypto/p256"
+	"code.sonr.org/go/did-it/crypto/p384"
+	"code.sonr.org/go/did-it/crypto/p521"
+	"code.sonr.org/go/did-it/crypto/rsa"
+	"code.sonr.org/go/did-it/crypto/secp256k1"
+	"code.sonr.org/go/did-it/crypto/x25519"
 )
 
+// PrivateJwk is a JWK holding a private key
 type PrivateJwk struct {
 	Privkey crypto.PrivateKey
 }

crypto/jwk/public.go

@@ -5,20 +5,21 @@ import (
 	"encoding/json"
 	"fmt"
 
-	"github.com/MetaMask/go-did-it/crypto"
-	"github.com/MetaMask/go-did-it/crypto/ed25519"
-	"github.com/MetaMask/go-did-it/crypto/p256"
-	"github.com/MetaMask/go-did-it/crypto/p384"
-	"github.com/MetaMask/go-did-it/crypto/p521"
-	"github.com/MetaMask/go-did-it/crypto/rsa"
-	"github.com/MetaMask/go-did-it/crypto/secp256k1"
-	"github.com/MetaMask/go-did-it/crypto/x25519"
+	"code.sonr.org/go/did-it/crypto"
+	"code.sonr.org/go/did-it/crypto/ed25519"
+	"code.sonr.org/go/did-it/crypto/p256"
+	"code.sonr.org/go/did-it/crypto/p384"
+	"code.sonr.org/go/did-it/crypto/p521"
+	"code.sonr.org/go/did-it/crypto/rsa"
+	"code.sonr.org/go/did-it/crypto/secp256k1"
+	"code.sonr.org/go/did-it/crypto/x25519"
 )
 
 // Specification:
 // - https://www.rfc-editor.org/rfc/rfc7517#section-4 (JWK)
 // - https://www.iana.org/assignments/jose/jose.xhtml#web-key-types (key parameters)
 
+// PublicJwk is a JWK holding a public key
 type PublicJwk struct {
 	Pubkey crypto.PublicKey
 }

crypto/options.go

@@ -4,6 +4,7 @@ import (
 	"github.com/ucan-wg/go-varsig"
 )
 
+// SigningOpts contains the resulting signature configuration.
 type SigningOpts struct {
 	hash            Hash
 	payloadEncoding varsig.PayloadEncoding
@@ -14,6 +15,7 @@ type SigningOpts struct {
 	keyLen uint64
 }
 
+// CollectSigningOptions collects the signing options into a SigningOpts.
 func CollectSigningOptions(opts []SigningOption) SigningOpts {
 	res := SigningOpts{}
 	for _, opt := range opts {
@@ -22,6 +24,7 @@ func CollectSigningOptions(opts []SigningOption) SigningOpts {
 	return res
 }
 
+// HashOrDefault returns the hash algorithm to be used for signatures, or the default if not specified.
 func (opts SigningOpts) HashOrDefault(_default Hash) Hash {
 	if opts.hash == 0 {
 		return _default
@@ -29,6 +32,7 @@ func (opts SigningOpts) HashOrDefault(_default Hash) Hash {
 	return opts.hash
 }
 
+// PayloadEncoding returns the encoding used on the message before signing it.
 func (opts SigningOpts) PayloadEncoding() varsig.PayloadEncoding {
 	if opts.payloadEncoding == 0 {
 		return varsig.PayloadEncodingVerbatim
@@ -36,6 +40,7 @@ func (opts SigningOpts) PayloadEncoding() varsig.PayloadEncoding {
 	return opts.payloadEncoding
 }
 
+// VarsigMatch returns true if the given varsig parameters match the signing options.
 func (opts SigningOpts) VarsigMatch(algo varsig.Algorithm, curve uint64, keyLength uint64) bool {
 	// This is relatively ugly, but we get cyclic import otherwise
 	switch opts.algo {

crypto/p256/key_test.go

@@ -6,8 +6,8 @@ import (
 
 	"github.com/stretchr/testify/require"
 
-	"github.com/MetaMask/go-did-it/crypto"
-	"github.com/MetaMask/go-did-it/crypto/_testsuite"
+	"code.sonr.org/go/did-it/crypto"
+	"code.sonr.org/go/did-it/crypto/_testsuite"
 )
 
 var harness = testsuite.TestHarness[*PublicKey, *PrivateKey]{

crypto/p256/private.go

@@ -11,7 +11,7 @@ import (
 
 	"github.com/ucan-wg/go-varsig"
 
-	"github.com/MetaMask/go-did-it/crypto"
+	"code.sonr.org/go/did-it/crypto"
 )
 
 var _ crypto.PrivateKeySigningBytes = &PrivateKey{}

crypto/p256/public.go

@@ -10,8 +10,8 @@ import (
 
 	"github.com/ucan-wg/go-varsig"
 
-	"github.com/MetaMask/go-did-it/crypto"
-	helpers "github.com/MetaMask/go-did-it/crypto/internal"
+	"code.sonr.org/go/did-it/crypto"
+	helpers "code.sonr.org/go/did-it/crypto/internal"
 )
 
 var _ crypto.PublicKeySigningBytes = &PublicKey{}

crypto/p384/key_test.go

@@ -3,8 +3,8 @@ package p384
 import (
 	"testing"
 
-	"github.com/MetaMask/go-did-it/crypto"
-	"github.com/MetaMask/go-did-it/crypto/_testsuite"
+	"code.sonr.org/go/did-it/crypto"
+	"code.sonr.org/go/did-it/crypto/_testsuite"
 )
 
 var harness = testsuite.TestHarness[*PublicKey, *PrivateKey]{

crypto/p384/private.go

@@ -11,7 +11,7 @@ import (
 
 	"github.com/ucan-wg/go-varsig"
 
-	"github.com/MetaMask/go-did-it/crypto"
+	"code.sonr.org/go/did-it/crypto"
 )
 
 var _ crypto.PrivateKeySigningBytes = &PrivateKey{}

crypto/p384/public.go

@@ -10,8 +10,8 @@ import (
 
 	"github.com/ucan-wg/go-varsig"
 
-	"github.com/MetaMask/go-did-it/crypto"
-	helpers "github.com/MetaMask/go-did-it/crypto/internal"
+	"code.sonr.org/go/did-it/crypto"
+	helpers "code.sonr.org/go/did-it/crypto/internal"
 )
 
 var _ crypto.PublicKeySigningBytes = &PublicKey{}

crypto/p521/key_test.go

@@ -3,8 +3,8 @@ package p521
 import (
 	"testing"
 
-	"github.com/MetaMask/go-did-it/crypto"
-	"github.com/MetaMask/go-did-it/crypto/_testsuite"
+	"code.sonr.org/go/did-it/crypto"
+	"code.sonr.org/go/did-it/crypto/_testsuite"
 )
 
 var harness = testsuite.TestHarness[*PublicKey, *PrivateKey]{

crypto/p521/private.go

@@ -11,7 +11,7 @@ import (
 
 	"github.com/ucan-wg/go-varsig"
 
-	"github.com/MetaMask/go-did-it/crypto"
+	"code.sonr.org/go/did-it/crypto"
 )
 
 var _ crypto.PrivateKeySigningBytes = &PrivateKey{}

crypto/p521/public.go

@@ -10,8 +10,8 @@ import (
 
 	"github.com/ucan-wg/go-varsig"
 
-	"github.com/MetaMask/go-did-it/crypto"
-	helpers "github.com/MetaMask/go-did-it/crypto/internal"
+	"code.sonr.org/go/did-it/crypto"
+	helpers "code.sonr.org/go/did-it/crypto/internal"
 )
 
 var _ crypto.PublicKeySigningBytes = &PublicKey{}

crypto/public.go

@@ -1,3 +1,17 @@
+// Package crypto is a thin ergonomic layer on top of the normal golang crypto packages or `x/crypto`.
+//
+// It aims to solve the following problems with the standard crypto packages:
+//   - different algorithms have different APIs and ergonomics, which makes it hard to use them interchangeably
+//   - occasionally, it's quite hard to figure out how to do simple tasks (like encoding/decoding keys)
+//   - it's still necessary to make some educated choices (e.g. which hash function to use for signatures)
+//   - sometimes features are left out (e.g. ed25519 to X25519 for key exchange, secp256k1...)
+//   - some hash functions are not available in the standard library with no easy way to extend it (e.g. KECCAK-256)
+//
+// To do so, this package provides and implements a set of shared interfaces for all algorithms. As not all algorithms
+// support all features (e.g. RSA keys don't support key exchange), some interfaces are optionally implemented.
+//
+// An additional benefit of shared interfaces is that a shared test suite can be written to test all algorithms, which this
+// package does.
 package crypto
 
 type PublicKey interface {

crypto/rsa/key.go

@@ -5,7 +5,7 @@ import (
 	"crypto/rsa"
 	"fmt"
 
-	"github.com/MetaMask/go-did-it/crypto"
+	"code.sonr.org/go/did-it/crypto"
 )
 
 const (

crypto/rsa/key_test.go

@@ -6,8 +6,8 @@ import (
 
 	"github.com/stretchr/testify/require"
 
-	"github.com/MetaMask/go-did-it/crypto"
-	"github.com/MetaMask/go-did-it/crypto/_testsuite"
+	"code.sonr.org/go/did-it/crypto"
+	"code.sonr.org/go/did-it/crypto/_testsuite"
 )
 
 var harness2048 = testsuite.TestHarness[*PublicKey, *PrivateKey]{

crypto/rsa/private.go

@@ -11,7 +11,7 @@ import (
 
 	"github.com/ucan-wg/go-varsig"
 
-	"github.com/MetaMask/go-did-it/crypto"
+	"code.sonr.org/go/did-it/crypto"
 )
 
 var _ crypto.PrivateKeySigningASN1 = &PrivateKey{}

crypto/rsa/public.go

@@ -10,8 +10,8 @@ import (
 
 	"github.com/ucan-wg/go-varsig"
 
-	"github.com/MetaMask/go-did-it/crypto"
-	helpers "github.com/MetaMask/go-did-it/crypto/internal"
+	"code.sonr.org/go/did-it/crypto"
+	helpers "code.sonr.org/go/did-it/crypto/internal"
 )
 
 var _ crypto.PublicKeySigningASN1 = &PublicKey{}

crypto/secp256k1/key_test.go

@@ -6,8 +6,8 @@ import (
 
 	"github.com/stretchr/testify/require"
 
-	"github.com/MetaMask/go-did-it/crypto"
-	"github.com/MetaMask/go-did-it/crypto/_testsuite"
+	"code.sonr.org/go/did-it/crypto"
+	"code.sonr.org/go/did-it/crypto/_testsuite"
 )
 
 var harness = testsuite.TestHarness[*PublicKey, *PrivateKey]{

crypto/secp256k1/private.go

@@ -10,7 +10,7 @@ import (
 	"github.com/decred/dcrd/dcrec/secp256k1/v4/ecdsa"
 	"github.com/ucan-wg/go-varsig"
 
-	"github.com/MetaMask/go-did-it/crypto"
+	"code.sonr.org/go/did-it/crypto"
 )
 
 var _ crypto.PrivateKeySigningBytes = &PrivateKey{}

crypto/secp256k1/public.go

@@ -10,8 +10,8 @@ import (
 	"github.com/decred/dcrd/dcrec/secp256k1/v4/ecdsa"
 	"github.com/ucan-wg/go-varsig"
 
-	"github.com/MetaMask/go-did-it/crypto"
-	helpers "github.com/MetaMask/go-did-it/crypto/internal"
+	"code.sonr.org/go/did-it/crypto"
+	helpers "code.sonr.org/go/did-it/crypto/internal"
 )
 
 var _ crypto.PublicKeySigningBytes = &PublicKey{}

crypto/x25519/key_test.go

@@ -5,8 +5,8 @@ import (
 
 	"github.com/stretchr/testify/require"
 
-	"github.com/MetaMask/go-did-it/crypto/_testsuite"
-	"github.com/MetaMask/go-did-it/crypto/ed25519"
+	"code.sonr.org/go/did-it/crypto/_testsuite"
+	"code.sonr.org/go/did-it/crypto/ed25519"
 )
 
 var harness = testsuite.TestHarness[*PublicKey, *PrivateKey]{

crypto/x25519/private.go

@@ -7,8 +7,8 @@ import (
 	"encoding/pem"
 	"fmt"
 
-	"github.com/MetaMask/go-did-it/crypto"
-	"github.com/MetaMask/go-did-it/crypto/ed25519"
+	"code.sonr.org/go/did-it/crypto"
+	"code.sonr.org/go/did-it/crypto/ed25519"
 )
 
 var _ crypto.PrivateKeyKeyExchange = (*PrivateKey)(nil)

crypto/x25519/public.go

@@ -7,9 +7,9 @@ import (
 	"fmt"
 	"math/big"
 
-	"github.com/MetaMask/go-did-it/crypto"
-	"github.com/MetaMask/go-did-it/crypto/ed25519"
-	helpers "github.com/MetaMask/go-did-it/crypto/internal"
+	"code.sonr.org/go/did-it/crypto"
+	"code.sonr.org/go/did-it/crypto/ed25519"
+	helpers "code.sonr.org/go/did-it/crypto/internal"
 )
 
 var _ crypto.PublicKey = (*PublicKey)(nil)

did_test.go

@@ -7,9 +7,9 @@ import (
 
 	"github.com/stretchr/testify/require"
 
-	"github.com/MetaMask/go-did-it"
-	"github.com/MetaMask/go-did-it/crypto/x25519"
-	_ "github.com/MetaMask/go-did-it/verifiers/did-key"
+	"code.sonr.org/go/did-it"
+	"code.sonr.org/go/did-it/crypto/x25519"
+	_ "code.sonr.org/go/did-it/verifiers/did-key"
 )
 
 func Example_signature() {
@@ -92,7 +92,7 @@ func TestHasValidDIDSyntax(t *testing.T) {
 
 func BenchmarkHasValidDIDSyntax(b *testing.B) {
 	b.ReportAllocs()
-	for i := 0; i < b.N; i++ {
+	for b.Loop() {
 		did.HasValidDIDSyntax("did:example:abc:def:ghi:jkl%20mno%3Apqr%3Astuv")
 	}
 }
@@ -132,7 +132,7 @@ func TestHasValidDidUrlSyntax(t *testing.T) {
 
 func BenchmarkHasValidDidUrlSyntax(b *testing.B) {
 	b.ReportAllocs()
-	for i := 0; i < b.N; i++ {
+	for b.Loop() {
 		did.HasValidDidUrlSyntax("did:example:123456789abcdefghi/path/to/resource?key=value#section1")
 	}
 }

didtest/didtest.go

@@ -7,10 +7,10 @@ import (
 	"encoding/base64"
 	"fmt"
 
-	"github.com/MetaMask/go-did-it"
-	didkeyctl "github.com/MetaMask/go-did-it/controller/did-key"
-	"github.com/MetaMask/go-did-it/crypto"
-	"github.com/MetaMask/go-did-it/crypto/ed25519"
+	"code.sonr.org/go/did-it"
+	didkeyctl "code.sonr.org/go/did-it/controller/did-key"
+	"code.sonr.org/go/did-it/crypto"
+	"code.sonr.org/go/did-it/crypto/ed25519"
 )
 
 const (

document/document.go

@@ -7,8 +7,8 @@ import (
 	"io"
 	"net/url"
 
-	"github.com/MetaMask/go-did-it"
-	verifications "github.com/MetaMask/go-did-it/verifiers/_methods"
+	"code.sonr.org/go/did-it"
+	verifications "code.sonr.org/go/did-it/verifiers/_methods"
 )
 
 var _ did.Document = &Document{}

document/document_test.go

@@ -6,10 +6,10 @@ import (
 
 	"github.com/stretchr/testify/require"
 
-	"github.com/MetaMask/go-did-it/verifiers/_methods/ed25519"
-	"github.com/MetaMask/go-did-it/verifiers/_methods/jsonwebkey"
-	"github.com/MetaMask/go-did-it/verifiers/_methods/x25519"
-	_ "github.com/MetaMask/go-did-it/verifiers/did-key"
+	"code.sonr.org/go/did-it/verifiers/_methods/ed25519"
+	"code.sonr.org/go/did-it/verifiers/_methods/jsonwebkey"
+	"code.sonr.org/go/did-it/verifiers/_methods/x25519"
+	_ "code.sonr.org/go/did-it/verifiers/did-key"
 )
 
 func TestRoundTrip(t *testing.T) {

go.mod

@@ -1,4 +1,4 @@
-module github.com/MetaMask/go-did-it
+module code.sonr.org/go/did-it
 
 go 1.24.4
 
@@ -11,7 +11,7 @@ require (
 	github.com/multiformats/go-varint v0.0.7
 	github.com/stretchr/testify v1.10.0
 	github.com/ucan-wg/go-varsig v1.0.0
-	golang.org/x/crypto v0.40.0
+	golang.org/x/crypto v0.45.0
 )
 
 require (
@@ -19,6 +19,6 @@ require (
 	github.com/multiformats/go-base32 v0.0.3 // indirect
 	github.com/multiformats/go-base36 v0.1.0 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
-	golang.org/x/sys v0.34.0 // indirect
+	golang.org/x/sys v0.38.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )

go.sum

@@ -20,10 +20,10 @@ github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOf
 github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 github.com/ucan-wg/go-varsig v1.0.0 h1:Hrc437Zg+B5Eoajg+qZQZI3Q3ocPyjlnp3/Bz9ZnlWw=
 github.com/ucan-wg/go-varsig v1.0.0/go.mod h1:Sakln6IPooDPH+ClQ0VvR09TuwUhHcfLqcPiPkMZGh0=
-golang.org/x/crypto v0.40.0 h1:r4x+VvoG5Fm+eJcxMaY8CQM7Lb0l1lsmjGBQ6s8BfKM=
-golang.org/x/crypto v0.40.0/go.mod h1:Qr1vMER5WyS2dfPHAlsOj01wgLbsyWtFn/aY+5+ZdxY=
-golang.org/x/sys v0.34.0 h1:H5Y5sJ2L2JRdyv7ROF1he/lPdvFsd0mJHFw2ThKHxLA=
-golang.org/x/sys v0.34.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
+golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q=
+golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4=
+golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc=
+golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=

interfaces.go

@@ -4,7 +4,7 @@ import (
 	"encoding/json"
 	"net/url"
 
-	"github.com/MetaMask/go-did-it/crypto"
+	"code.sonr.org/go/did-it/crypto"
 )
 
 // DID is a decoded (i.e. from a string) Decentralized Identifier.

utilities.go

@@ -3,7 +3,7 @@ package did
 import (
 	"fmt"
 
-	"github.com/MetaMask/go-did-it/crypto"
+	"code.sonr.org/go/did-it/crypto"
 )
 
 // TryAllVerifyBytes tries to verify the signature as bytes with all the methods in the slice.

verifiers/_methods/ed25519/VerificationKey2018.go

@@ -7,9 +7,9 @@ import (
 
 	"github.com/mr-tron/base58"
 
-	"github.com/MetaMask/go-did-it"
-	"github.com/MetaMask/go-did-it/crypto"
-	"github.com/MetaMask/go-did-it/crypto/ed25519"
+	"code.sonr.org/go/did-it"
+	"code.sonr.org/go/did-it/crypto"
+	"code.sonr.org/go/did-it/crypto/ed25519"
 )
 
 // Specification: https://w3c-ccg.github.io/lds-ed25519-2018/

verifiers/_methods/ed25519/VerificationKey2018_test.go

@@ -6,7 +6,7 @@ import (
 
 	"github.com/stretchr/testify/require"
 
-	"github.com/MetaMask/go-did-it/verifiers/_methods/ed25519"
+	"code.sonr.org/go/did-it/verifiers/_methods/ed25519"
 )
 
 func TestJsonRoundTrip2018(t *testing.T) {

verifiers/_methods/ed25519/VerificationKey2020.go

@@ -5,9 +5,9 @@ import (
 	"errors"
 	"fmt"
 
-	"github.com/MetaMask/go-did-it"
-	"github.com/MetaMask/go-did-it/crypto"
-	"github.com/MetaMask/go-did-it/crypto/ed25519"
+	"code.sonr.org/go/did-it"
+	"code.sonr.org/go/did-it/crypto"
+	"code.sonr.org/go/did-it/crypto/ed25519"
 )
 
 // Specification: https://w3c.github.io/cg-reports/credentials/CG-FINAL-di-eddsa-2020-20220724/

verifiers/_methods/ed25519/VerificationKey2020_test.go

@@ -7,10 +7,10 @@ import (
 
 	"github.com/stretchr/testify/require"
 
-	"github.com/MetaMask/go-did-it"
-	"github.com/MetaMask/go-did-it/crypto/ed25519"
-	ed25519vm "github.com/MetaMask/go-did-it/verifiers/_methods/ed25519"
-	_ "github.com/MetaMask/go-did-it/verifiers/did-key"
+	"code.sonr.org/go/did-it"
+	"code.sonr.org/go/did-it/crypto/ed25519"
+	ed25519vm "code.sonr.org/go/did-it/verifiers/_methods/ed25519"
+	_ "code.sonr.org/go/did-it/verifiers/did-key"
 )
 
 func TestJsonRoundTrip2020(t *testing.T) {

verifiers/_methods/json.go

@@ -4,13 +4,13 @@ import (
 	"encoding/json"
 	"fmt"
 
-	"github.com/MetaMask/go-did-it"
-	"github.com/MetaMask/go-did-it/verifiers/_methods/ed25519"
-	"github.com/MetaMask/go-did-it/verifiers/_methods/jsonwebkey"
-	"github.com/MetaMask/go-did-it/verifiers/_methods/multikey"
-	p256vm "github.com/MetaMask/go-did-it/verifiers/_methods/p256"
-	secp256k1vm "github.com/MetaMask/go-did-it/verifiers/_methods/secp256k1"
-	"github.com/MetaMask/go-did-it/verifiers/_methods/x25519"
+	"code.sonr.org/go/did-it"
+	"code.sonr.org/go/did-it/verifiers/_methods/ed25519"
+	"code.sonr.org/go/did-it/verifiers/_methods/jsonwebkey"
+	"code.sonr.org/go/did-it/verifiers/_methods/multikey"
+	p256vm "code.sonr.org/go/did-it/verifiers/_methods/p256"
+	secp256k1vm "code.sonr.org/go/did-it/verifiers/_methods/secp256k1"
+	"code.sonr.org/go/did-it/verifiers/_methods/x25519"
 )
 
 func UnmarshalJSON(data []byte) (did.VerificationMethod, error) {

verifiers/_methods/jsonwebkey/JsonWebKey2020.go

@@ -4,9 +4,9 @@ import (
 	"encoding/json"
 	"errors"
 
-	"github.com/MetaMask/go-did-it"
-	"github.com/MetaMask/go-did-it/crypto"
-	"github.com/MetaMask/go-did-it/crypto/jwk"
+	"code.sonr.org/go/did-it"
+	"code.sonr.org/go/did-it/crypto"
+	"code.sonr.org/go/did-it/crypto/jwk"
 )
 
 // Specification:

verifiers/_methods/multikey/multikey.go

@@ -5,9 +5,9 @@ import (
 	"errors"
 	"fmt"
 
-	"github.com/MetaMask/go-did-it"
-	"github.com/MetaMask/go-did-it/crypto"
-	allkeys "github.com/MetaMask/go-did-it/crypto/_allkeys"
+	"code.sonr.org/go/did-it"
+	"code.sonr.org/go/did-it/crypto"
+	allkeys "code.sonr.org/go/did-it/crypto/_allkeys"
 )
 
 // Specification: https://www.w3.org/TR/cid-1.0/#Multikey

verifiers/_methods/multikey/multikey_test.go

@@ -6,9 +6,9 @@ import (
 
 	"github.com/stretchr/testify/require"
 
-	_ "github.com/MetaMask/go-did-it/verifiers/did-key"
+	_ "code.sonr.org/go/did-it/verifiers/did-key"
 
-	"github.com/MetaMask/go-did-it/verifiers/_methods/multikey"
+	"code.sonr.org/go/did-it/verifiers/_methods/multikey"
 )
 
 func TestJsonRoundTrip(t *testing.T) {

verifiers/_methods/p256/key2021.go

@@ -7,9 +7,9 @@ import (
 
 	"github.com/mr-tron/base58"
 
-	"github.com/MetaMask/go-did-it"
-	"github.com/MetaMask/go-did-it/crypto"
-	"github.com/MetaMask/go-did-it/crypto/p256"
+	"code.sonr.org/go/did-it"
+	"code.sonr.org/go/did-it/crypto"
+	"code.sonr.org/go/did-it/crypto/p256"
 )
 
 // Specification: missing

verifiers/_methods/p256/key2021_test.go

@@ -6,7 +6,7 @@ import (
 
 	"github.com/stretchr/testify/require"
 
-	"github.com/MetaMask/go-did-it/verifiers/_methods/p256"
+	"code.sonr.org/go/did-it/verifiers/_methods/p256"
 )
 
 func TestJsonRoundTrip(t *testing.T) {

verifiers/_methods/secp256k1/VerificationKey2019.go

@@ -7,9 +7,9 @@ import (
 
 	"github.com/mr-tron/base58"
 
-	"github.com/MetaMask/go-did-it"
-	"github.com/MetaMask/go-did-it/crypto"
-	"github.com/MetaMask/go-did-it/crypto/secp256k1"
+	"code.sonr.org/go/did-it"
+	"code.sonr.org/go/did-it/crypto"
+	"code.sonr.org/go/did-it/crypto/secp256k1"
 )
 
 // Specification: https://w3c-ccg.github.io/lds-ecdsa-secp256k1-2019/

verifiers/_methods/secp256k1/VerificationKey2019_test.go

@@ -6,7 +6,7 @@ import (
 
 	"github.com/stretchr/testify/require"
 
-	"github.com/MetaMask/go-did-it/verifiers/_methods/secp256k1"
+	"code.sonr.org/go/did-it/verifiers/_methods/secp256k1"
 )
 
 func TestJsonRoundTrip(t *testing.T) {

verifiers/_methods/x25519/KeyAgreementKey2019.go

@@ -7,9 +7,9 @@ import (
 
 	"github.com/mr-tron/base58"
 
-	"github.com/MetaMask/go-did-it"
-	"github.com/MetaMask/go-did-it/crypto"
-	"github.com/MetaMask/go-did-it/crypto/x25519"
+	"code.sonr.org/go/did-it"
+	"code.sonr.org/go/did-it/crypto"
+	"code.sonr.org/go/did-it/crypto/x25519"
 )
 
 // Specification: https://github.com/digitalbazaar/x25519-key-agreement-key-2019

verifiers/_methods/x25519/KeyAgreementKey2019_test.go

@@ -6,7 +6,7 @@ import (
 
 	"github.com/stretchr/testify/require"
 
-	"github.com/MetaMask/go-did-it/verifiers/_methods/x25519"
+	"code.sonr.org/go/did-it/verifiers/_methods/x25519"
 )
 
 func TestJsonRoundTrip2019(t *testing.T) {

verifiers/_methods/x25519/KeyAgreementKey2020.go

@@ -5,9 +5,9 @@ import (
 	"errors"
 	"fmt"
 
-	"github.com/MetaMask/go-did-it"
-	"github.com/MetaMask/go-did-it/crypto"
-	"github.com/MetaMask/go-did-it/crypto/x25519"
+	"code.sonr.org/go/did-it"
+	"code.sonr.org/go/did-it/crypto"
+	"code.sonr.org/go/did-it/crypto/x25519"
 )
 
 // Specification: https://w3c-ccg.github.io/did-method-key/#ed25519-x25519

verifiers/_methods/x25519/KeyAgreementKey2020_test.go

@@ -6,7 +6,7 @@ import (
 
 	"github.com/stretchr/testify/require"
 
-	"github.com/MetaMask/go-did-it/verifiers/_methods/x25519"
+	"code.sonr.org/go/did-it/verifiers/_methods/x25519"
 )
 
 func TestJsonRoundTrip2020(t *testing.T) {

verifiers/did-key/document.go

@@ -4,7 +4,7 @@ import (
 	"encoding/json"
 	"net/url"
 
-	"github.com/MetaMask/go-did-it"
+	"code.sonr.org/go/did-it"
 )
 
 var _ did.Document = &document{}

verifiers/did-key/document_test.go

@@ -6,8 +6,8 @@ import (
 
 	"github.com/stretchr/testify/require"
 
-	"github.com/MetaMask/go-did-it"
-	"github.com/MetaMask/go-did-it/verifiers/did-key/testvectors"
+	"code.sonr.org/go/did-it"
+	"code.sonr.org/go/did-it/verifiers/did-key/testvectors"
 )
 
 func TestDocument(t *testing.T) {

verifiers/did-key/key.go

@@ -4,22 +4,22 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/MetaMask/go-did-it"
-	"github.com/MetaMask/go-did-it/crypto"
-	allkeys "github.com/MetaMask/go-did-it/crypto/_allkeys"
-	"github.com/MetaMask/go-did-it/crypto/ed25519"
-	"github.com/MetaMask/go-did-it/crypto/p256"
-	"github.com/MetaMask/go-did-it/crypto/p384"
-	"github.com/MetaMask/go-did-it/crypto/p521"
-	"github.com/MetaMask/go-did-it/crypto/rsa"
-	"github.com/MetaMask/go-did-it/crypto/secp256k1"
-	"github.com/MetaMask/go-did-it/crypto/x25519"
-	"github.com/MetaMask/go-did-it/verifiers/_methods/ed25519"
-	"github.com/MetaMask/go-did-it/verifiers/_methods/jsonwebkey"
-	"github.com/MetaMask/go-did-it/verifiers/_methods/multikey"
-	"github.com/MetaMask/go-did-it/verifiers/_methods/p256"
-	"github.com/MetaMask/go-did-it/verifiers/_methods/secp256k1"
-	"github.com/MetaMask/go-did-it/verifiers/_methods/x25519"
+	"code.sonr.org/go/did-it"
+	"code.sonr.org/go/did-it/crypto"
+	allkeys "code.sonr.org/go/did-it/crypto/_allkeys"
+	"code.sonr.org/go/did-it/crypto/ed25519"
+	"code.sonr.org/go/did-it/crypto/p256"
+	"code.sonr.org/go/did-it/crypto/p384"
+	"code.sonr.org/go/did-it/crypto/p521"
+	"code.sonr.org/go/did-it/crypto/rsa"
+	"code.sonr.org/go/did-it/crypto/secp256k1"
+	"code.sonr.org/go/did-it/crypto/x25519"
+	"code.sonr.org/go/did-it/verifiers/_methods/ed25519"
+	"code.sonr.org/go/did-it/verifiers/_methods/jsonwebkey"
+	"code.sonr.org/go/did-it/verifiers/_methods/multikey"
+	"code.sonr.org/go/did-it/verifiers/_methods/p256"
+	"code.sonr.org/go/did-it/verifiers/_methods/secp256k1"
+	"code.sonr.org/go/did-it/verifiers/_methods/x25519"
 )
 
 // Specification: https://w3c-ccg.github.io/did-method-key/

verifiers/did-key/key_test.go

@@ -7,9 +7,9 @@ import (
 
 	"github.com/stretchr/testify/require"
 
-	"github.com/MetaMask/go-did-it"
-	"github.com/MetaMask/go-did-it/crypto/ed25519"
-	didkey "github.com/MetaMask/go-did-it/verifiers/did-key"
+	"code.sonr.org/go/did-it"
+	"code.sonr.org/go/did-it/crypto/ed25519"
+	didkey "code.sonr.org/go/did-it/verifiers/did-key"
 )
 
 func ExampleGenerateKeyPair() {

verifiers/did-key/testvectors/vectors.go

@@ -8,15 +8,15 @@ import (
 
 	"github.com/mr-tron/base58"
 
-	"github.com/MetaMask/go-did-it/crypto"
-	"github.com/MetaMask/go-did-it/crypto/ed25519"
-	"github.com/MetaMask/go-did-it/crypto/jwk"
-	"github.com/MetaMask/go-did-it/crypto/p256"
-	"github.com/MetaMask/go-did-it/crypto/secp256k1"
-	"github.com/MetaMask/go-did-it/verifiers/_methods/ed25519"
-	"github.com/MetaMask/go-did-it/verifiers/_methods/jsonwebkey"
-	"github.com/MetaMask/go-did-it/verifiers/_methods/p256"
-	"github.com/MetaMask/go-did-it/verifiers/_methods/secp256k1"
+	"code.sonr.org/go/did-it/crypto"
+	"code.sonr.org/go/did-it/crypto/ed25519"
+	"code.sonr.org/go/did-it/crypto/jwk"
+	"code.sonr.org/go/did-it/crypto/p256"
+	"code.sonr.org/go/did-it/crypto/secp256k1"
+	"code.sonr.org/go/did-it/verifiers/_methods/ed25519"
+	"code.sonr.org/go/did-it/verifiers/_methods/jsonwebkey"
+	"code.sonr.org/go/did-it/verifiers/_methods/p256"
+	"code.sonr.org/go/did-it/verifiers/_methods/secp256k1"
 )
 
 // Origin: https://github.com/w3c-ccg/did-key-spec/tree/main/test-vectors

verifiers/did-plc/document.go

@@ -4,7 +4,7 @@ import (
 	"encoding/json"
 	"net/url"
 
-	"github.com/MetaMask/go-did-it"
+	"code.sonr.org/go/did-it"
 )
 
 var _ did.Document = &document{}

verifiers/did-plc/document_test.go

@@ -9,7 +9,7 @@ import (
 
 	"github.com/stretchr/testify/require"
 
-	"github.com/MetaMask/go-did-it"
+	"code.sonr.org/go/did-it"
 )
 
 func TestDocument(t *testing.T) {

verifiers/did-plc/plc.go

@@ -8,19 +8,19 @@ import (
 	"net/url"
 	"strings"
 
-	"github.com/MetaMask/go-did-it"
-	allkeys "github.com/MetaMask/go-did-it/crypto/_allkeys"
-	"github.com/MetaMask/go-did-it/crypto/ed25519"
-	"github.com/MetaMask/go-did-it/crypto/p256"
-	"github.com/MetaMask/go-did-it/crypto/p384"
-	"github.com/MetaMask/go-did-it/crypto/p521"
-	"github.com/MetaMask/go-did-it/crypto/rsa"
-	"github.com/MetaMask/go-did-it/crypto/secp256k1"
-	ed25519vm "github.com/MetaMask/go-did-it/verifiers/_methods/ed25519"
-	"github.com/MetaMask/go-did-it/verifiers/_methods/jsonwebkey"
-	"github.com/MetaMask/go-did-it/verifiers/_methods/multikey"
-	p256vm "github.com/MetaMask/go-did-it/verifiers/_methods/p256"
-	secp256k1vm "github.com/MetaMask/go-did-it/verifiers/_methods/secp256k1"
+	"code.sonr.org/go/did-it"
+	allkeys "code.sonr.org/go/did-it/crypto/_allkeys"
+	"code.sonr.org/go/did-it/crypto/ed25519"
+	"code.sonr.org/go/did-it/crypto/p256"
+	"code.sonr.org/go/did-it/crypto/p384"
+	"code.sonr.org/go/did-it/crypto/p521"
+	"code.sonr.org/go/did-it/crypto/rsa"
+	"code.sonr.org/go/did-it/crypto/secp256k1"
+	ed25519vm "code.sonr.org/go/did-it/verifiers/_methods/ed25519"
+	"code.sonr.org/go/did-it/verifiers/_methods/jsonwebkey"
+	"code.sonr.org/go/did-it/verifiers/_methods/multikey"
+	p256vm "code.sonr.org/go/did-it/verifiers/_methods/p256"
+	secp256k1vm "code.sonr.org/go/did-it/verifiers/_methods/secp256k1"
 )
 
 // Specification: https://web.plc.directory/spec/v0.1/did-plc

verifiers/did-plc/plc_test.go

@@ -5,7 +5,7 @@ import (
 
 	"github.com/stretchr/testify/require"
 
-	"github.com/MetaMask/go-did-it"
+	"code.sonr.org/go/did-it"
 )
 
 func TestParseDIDPlc(t *testing.T) {

verifiers/did-web/web.go

@@ -10,8 +10,8 @@ import (
 	"strconv"
 	"strings"
 
-	"github.com/MetaMask/go-did-it"
-	"github.com/MetaMask/go-did-it/document"
+	"code.sonr.org/go/did-it"
+	"code.sonr.org/go/did-it/document"
 )
 
 // Specification: https://w3c-ccg.github.io/did-method-web/

verifiers/did-web/web_test.go

@@ -9,7 +9,7 @@ import (
 
 	"github.com/stretchr/testify/require"
 
-	"github.com/MetaMask/go-did-it"
+	"code.sonr.org/go/did-it"
 )
 
 func TestDecode(t *testing.T) {