nsICredentialInfo

This is described in XPIDL that is an Interface Description Language used to specify XPCOM interface classes.

/**
 * A credential object in the SelfSovereignIndividual.
 * See SsiStore.sys.mjs for the actual data example.
 */
interface nsICredentialInfo : nsISupports {

  /**
   * The freedom tech protocol name:
   * money, e.g. "bitcoin", "lightning", "liquid", "cashu", "fedimint"...
   * identity, e.g. "nostr", "did:dht"...
   * speech, e.g. "matrix", "signal"...
   */
  attribute AString protocolName;

  /**
   * The credential category for when there are multiple types of the same protocol:
   * e.g. "bip39", "lnc", "nsec"...
   */
  attribute AString credentialName;

  /**
   * If true, this credential has the top priority within the same
   * protocol, such as when inserted into a window object.
   */
  attribute boolean primary;

  /**
   * The cryptographic secret that is expected to be unique in the world:
   * e.g. secret key, seed phrase, pairing phrase....
   *
   * It provides a unique key within the protocol, but the same secret can be used across protocols
   * like between Bitcoin and Nostr. So, GUID or `protocolName + credentialName + secret`
   * should be used as unique key in the system.
   */
  attribute AString secret;

  /**
   * The identifier that identifies the user to others:
   * e.g. public key, user id, email, etc.
   */
  attribute AString identifier;

  /**
   * The website list for which this credential is trusted.
   * It is not only web app but also web extensions etc:
   * e.g. https://example, moz-extension://example
   *
   * The actual value is the array by JSON.stringify.
   */
  attribute AString trustedSites;

  /**
   * The website list for which this credential is authorized by Primary Passowrd/OS Account Password.
   * It is not only web app but also web extensions etc:
   * e.g. https://example, moz-extension://example
   *
   * The actual value is the array by JSON.stringify.
   */
  attribute AString passwordAuthorizedSites;

  /**
   * A box where you can freely put anything else you need for each credential.
   * Actually string generated by JSON.stringify.
   * e.g. '{"serverHost":"mail.box.lightning.today:443","localKey":"abc...","remoteKey":"xyz..."}'
   *
   * @note optional
   */
  attribute AString properties;

  /**
   * Unknown fields this client doesn't know about but will be roundtripped
   * for other clients to prevent data loss
   *
   * @note optional
   */
  attribute AString unknownFields;

  /**
   * Initialize a newly created nsICredentialInfo object.
   *
   * The arguments are the fields for the new object.
   */
  void init(in AString aProtocolName, in AString aCredentialName,
            in boolean aPrimary, in AString aSecret, in AString aIdentifier,
            in AString aTrustedSites, in AString aPasswordAuthorizedSites,
            [optional] in AString aProperties);

  /**
   * Test for strict equality with another nsICredentialInfo object.
   *
   * @param aCredential
   *        The other object to test.
   */
  boolean equals(in nsICredentialInfo aCredential);

  /**
   * Test for loose equivalency with another nsICredentialInfo object.
   *
   * @param aCredentialInfo
   *        The other object to test.
   */
  boolean matches(in nsICredentialInfo aCredential);

  /**
   * Create an identical copy of the credential, duplicating all of the credential's
   * nsICredentialInfo and nsICredentialMetaInfo properties.
   *
   * This allows code to be forwards-compatible, when additional properties
   * are added to nsICredentialMetaInfo (or nsICredentialInfo) in the future.
   */
  nsICredentialInfo clone();
};