w

auth/api/iam/api.go

@@ -30,7 +30,7 @@ import (
 	"github.com/nuts-foundation/nuts-node/core"
 	"github.com/nuts-foundation/nuts-node/vcr"
 	"github.com/nuts-foundation/nuts-node/vcr/openid4vci"
-	"github.com/nuts-foundation/nuts-node/vdr/didservice"
+	"github.com/nuts-foundation/nuts-node/vdr/resolver"
 	vdr "github.com/nuts-foundation/nuts-node/vdr/types"
 	"html/template"
 	"net/http"
@@ -206,7 +206,7 @@ func (r Wrapper) OAuthAuthorizationServerMetadata(ctx context.Context, request O
 
 	owned, err := r.vdr.IsOwner(ctx, ownDID)
 	if err != nil {
-		if didservice.IsFunctionalResolveError(err) {
+		if resolver.IsFunctionalResolveError(err) {
 			return nil, core.NotFoundError("authz server metadata: %w", err)
 		}
 		log.Logger().WithField("did", ownDID.String()).Errorf("authz server metadata: failed to assert ownership of did: %s", err.Error())
@@ -227,7 +227,7 @@ func (r Wrapper) GetWebDID(ctx context.Context, request GetWebDIDRequestObject)
 
 	document, err := r.vdr.DeriveWebDIDDocument(ctx, baseURL, ownDID)
 	if err != nil {
-		if didservice.IsFunctionalResolveError(err) {
+		if resolver.IsFunctionalResolveError(err) {
 			return GetWebDID404Response{}, nil
 		}
 		log.Logger().WithError(err).Errorf("Could not resolve Nuts DID: %s", ownDID.String())

crypto/api/v1/api.go

@@ -35,7 +35,6 @@ import (
 	"github.com/nuts-foundation/nuts-node/audit"
 	"github.com/nuts-foundation/nuts-node/core"
 	"github.com/nuts-foundation/nuts-node/crypto"
-	"github.com/nuts-foundation/nuts-node/vdr/types"
 )
 
 var _ StrictServerInterface = (*Wrapper)(nil)
@@ -196,14 +195,14 @@ func (w *Wrapper) resolvePublicKey(id *did.DID) (key crypt.PublicKey, keyID ssi.
 	if id.IsURL() {
 		// Assume it is a keyId
 		now := time.Now()
-		key, err = w.K.ResolveKeyByID(id.String(), &now, types.KeyAgreement)
+		key, err = w.K.ResolveKeyByID(id.String(), &now, resolver.KeyAgreement)
 		if err != nil {
 			return nil, ssi.URI{}, err
 		}
 		keyID = id.URI()
 	} else {
 		// Assume it is a DID
-		keyID, key, err = w.K.ResolveKey(*id, nil, types.KeyAgreement)
+		keyID, key, err = w.K.ResolveKey(*id, nil, resolver.KeyAgreement)
 		if err != nil {
 			return nil, ssi.URI{}, err
 		}

crypto/api/v1/api_test.go

@@ -253,7 +253,7 @@ func TestWrapper_EncryptJwe(t *testing.T) {
 			Payload:  payload,
 			Headers:  headers,
 		}
-		ctx.keyResolver.EXPECT().ResolveKey(gomock.Any(), nil, types.KeyAgreement).Return(ssi.URI{}, nil, errors.New("FAIL"))
+		ctx.keyResolver.EXPECT().ResolveKey(gomock.Any(), nil, resolver.KeyAgreement).Return(ssi.URI{}, nil, errors.New("FAIL"))
 
 		jwe, err := ctx.client.EncryptJwe(nil, EncryptJweRequestObject{Body: &request})
 		assert.EqualError(t, err, "invalid receiver: FAIL")
@@ -268,7 +268,7 @@ func TestWrapper_EncryptJwe(t *testing.T) {
 			Payload:  payload,
 			Headers:  headers,
 		}
-		ctx.keyResolver.EXPECT().ResolveKey(gomock.Any(), nil, types.KeyAgreement).Return(ssi.URI{}, nil, errors.New("FAIL"))
+		ctx.keyResolver.EXPECT().ResolveKey(gomock.Any(), nil, resolver.KeyAgreement).Return(ssi.URI{}, nil, errors.New("FAIL"))
 
 		jwe, err := ctx.client.EncryptJwe(nil, EncryptJweRequestObject{Body: &request})
 		assert.EqualError(t, err, "invalid receiver: FAIL")
@@ -283,7 +283,7 @@ func TestWrapper_EncryptJwe(t *testing.T) {
 			Payload:  payload,
 			Headers:  headers,
 		}
-		ctx.keyResolver.EXPECT().ResolveKeyByID(gomock.Any(), gomock.Any(), types.KeyAgreement).Return(ssi.URI{}, errors.New("FAIL"))
+		ctx.keyResolver.EXPECT().ResolveKeyByID(gomock.Any(), gomock.Any(), resolver.KeyAgreement).Return(ssi.URI{}, errors.New("FAIL"))
 
 		jwe, err := ctx.client.EncryptJwe(nil, EncryptJweRequestObject{Body: &request})
 		assert.EqualError(t, err, "invalid receiver: FAIL")
@@ -298,7 +298,7 @@ func TestWrapper_EncryptJwe(t *testing.T) {
 			Payload:  payload,
 			Headers:  headers,
 		}
-		ctx.keyResolver.EXPECT().ResolveKey(gomock.Any(), nil, types.KeyAgreement).Return(ssi.URI{}, nil, resolver.ErrNotFound)
+		ctx.keyResolver.EXPECT().ResolveKey(gomock.Any(), nil, resolver.KeyAgreement).Return(ssi.URI{}, nil, resolver.ErrNotFound)
 
 		jwe, err := ctx.client.EncryptJwe(nil, EncryptJweRequestObject{Body: &request})
 		assert.EqualError(t, err, "unable to locate receiver did:nuts:12345: unable to find the DID document")
@@ -313,7 +313,7 @@ func TestWrapper_EncryptJwe(t *testing.T) {
 			Payload:  payload,
 			Headers:  headers,
 		}
-		ctx.keyResolver.EXPECT().ResolveKey(gomock.Any(), nil, types.KeyAgreement).Return(ssi.URI{}, nil, resolver.ErrNotFound)
+		ctx.keyResolver.EXPECT().ResolveKey(gomock.Any(), nil, resolver.KeyAgreement).Return(ssi.URI{}, nil, resolver.ErrNotFound)
 
 		jwe, err := ctx.client.EncryptJwe(nil, EncryptJweRequestObject{Body: &request})
 		assert.EqualError(t, err, "unable to locate receiver did:nuts:12345: unable to find the DID document")
@@ -328,7 +328,7 @@ func TestWrapper_EncryptJwe(t *testing.T) {
 			Payload:  payload,
 			Headers:  headers,
 		}
-		ctx.keyResolver.EXPECT().ResolveKeyByID(gomock.Any(), gomock.Any(), types.KeyAgreement).Return(ssi.URI{}, resolver.ErrNotFound)
+		ctx.keyResolver.EXPECT().ResolveKeyByID(gomock.Any(), gomock.Any(), resolver.KeyAgreement).Return(ssi.URI{}, resolver.ErrNotFound)
 
 		jwe, err := ctx.client.EncryptJwe(nil, EncryptJweRequestObject{Body: &request})
 		assert.EqualError(t, err, "unable to locate receiver did:nuts:12345#key-1: unable to find the DID document")
@@ -360,7 +360,7 @@ func TestWrapper_EncryptJwe(t *testing.T) {
 		did, _ := ssi.ParseURI("did:nuts:12345")
 		ctx.keyStore.EXPECT().EncryptJWE(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return("", errors.New("b00m!"))
 
-		ctx.keyResolver.EXPECT().ResolveKey(gomock.Any(), nil, types.KeyAgreement).Return(*did, nil, nil)
+		ctx.keyResolver.EXPECT().ResolveKey(gomock.Any(), nil, resolver.KeyAgreement).Return(*did, nil, nil)
 
 		jwe, err := ctx.client.EncryptJwe(audit.TestContext(), EncryptJweRequestObject{Body: &request})
 
@@ -378,7 +378,7 @@ func TestWrapper_EncryptJwe(t *testing.T) {
 			Payload:  payload,
 		}
 		ctx.keyStore.EXPECT().EncryptJWE(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return("jwe", nil)
-		ctx.keyResolver.EXPECT().ResolveKey(gomock.Any(), nil, types.KeyAgreement).Return(*did, nil, nil)
+		ctx.keyResolver.EXPECT().ResolveKey(gomock.Any(), nil, resolver.KeyAgreement).Return(*did, nil, nil)
 
 		resp, err := ctx.client.EncryptJwe(nil, EncryptJweRequestObject{Body: &request})
 
@@ -396,7 +396,7 @@ func TestWrapper_EncryptJwe(t *testing.T) {
 			Payload:  payload,
 		}
 		ctx.keyStore.EXPECT().EncryptJWE(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return("jwe", nil)
-		ctx.keyResolver.EXPECT().ResolveKeyByID(gomock.Any(), gomock.Any(), types.KeyAgreement).Return(*did, nil)
+		ctx.keyResolver.EXPECT().ResolveKeyByID(gomock.Any(), gomock.Any(), resolver.KeyAgreement).Return(*did, nil)
 
 		resp, err := ctx.client.EncryptJwe(nil, EncryptJweRequestObject{Body: &request})
 
@@ -414,7 +414,7 @@ func TestWrapper_EncryptJwe(t *testing.T) {
 		}
 		did, _ := ssi.ParseURI(kid)
 		ctx.keyStore.EXPECT().EncryptJWE(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return("jwe", nil)
-		ctx.keyResolver.EXPECT().ResolveKey(gomock.Any(), nil, types.KeyAgreement).Return(*did, nil, nil)
+		ctx.keyResolver.EXPECT().ResolveKey(gomock.Any(), nil, resolver.KeyAgreement).Return(*did, nil, nil)
 
 		resp, err := ctx.client.EncryptJwe(nil, EncryptJweRequestObject{Body: &request})
 
@@ -430,7 +430,7 @@ func TestWrapper_EncryptJwe(t *testing.T) {
 			Receiver: did.String(),
 		}
 		ctx.keyStore.EXPECT().EncryptJWE(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return("jwe", nil)
-		ctx.keyResolver.EXPECT().ResolveKey(gomock.Any(), nil, types.KeyAgreement).Return(*did, nil, nil)
+		ctx.keyResolver.EXPECT().ResolveKey(gomock.Any(), nil, resolver.KeyAgreement).Return(*did, nil, nil)
 
 		resp, err := ctx.client.EncryptJwe(nil, EncryptJweRequestObject{Body: &request})
 

didman/didman.go

@@ -25,7 +25,6 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
-	"github.com/nuts-foundation/nuts-node/vdr/didservice"
 	"github.com/nuts-foundation/nuts-node/vdr/resolver"
 	"net/url"
 	"sync"
@@ -283,7 +282,7 @@ func (d *didman) GetCompoundServiceEndpoint(id did.DID, compoundServiceType stri
 }
 
 func (d *didman) DeleteService(ctx context.Context, serviceID ssi.URI) error {
-	id, err := didservice.GetDIDFromURL(serviceID.String())
+	id, err := resolver.GetDIDFromURL(serviceID.String())
 	if err != nil {
 		return err
 	}
@@ -299,7 +298,7 @@ func (d *didman) deleteService(ctx context.Context, serviceID ssi.URI) error {
 	log.Logger().
 		WithField(core.LogFieldServiceID, serviceID.String()).
 		Debug("Deleting service")
-	id, err := didservice.GetDIDFromURL(serviceID.String())
+	id, err := resolver.GetDIDFromURL(serviceID.String())
 	if err != nil {
 		return err
 	}
@@ -469,7 +468,7 @@ func (d *didman) resolveOrganizationDIDDocuments(organizations []vc.VerifiableCr
 	j := 0
 	for i, organization := range organizations {
 		document, organizationDID, err := d.resolveOrganizationDIDDocument(organization)
-		if didservice.IsFunctionalResolveError(err) {
+		if resolver.IsFunctionalResolveError(err) {
 			// Just ignore deactivated DID documents or VCs that don't refer to an existing DID document.
 			// Log it on debug, because it might be useful for finding VCs that need to be revoked (since they're invalid).
 			log.Logger().

golden_hammer/module.go

@@ -29,7 +29,6 @@ import (
 	"github.com/nuts-foundation/nuts-node/network/transport"
 	"github.com/nuts-foundation/nuts-node/vcr"
 	"github.com/nuts-foundation/nuts-node/vcr/openid4vci"
-	"github.com/nuts-foundation/nuts-node/vdr/didservice"
 	"github.com/nuts-foundation/nuts-node/vdr/resolver"
 	"github.com/nuts-foundation/nuts-node/vdr/types"
 	"net/url"
@@ -142,7 +141,7 @@ func (h *GoldenHammer) registerServiceBaseURLs() error {
 		serviceEndpoint := getServiceEndpoint(document, transport.NutsCommServiceType)
 		if resolver.IsServiceReference(serviceEndpoint) {
 			// Care organization DID document, register service pointing to vendor DID.
-			parentDID, err := didservice.GetDIDFromURL(serviceEndpoint)
+			parentDID, err := resolver.GetDIDFromURL(serviceEndpoint)
 			if err != nil {
 				// Invalid NutsComm reference, skip
 				log.Logger().WithError(err).
@@ -194,7 +193,7 @@ func (h *GoldenHammer) listDocumentToFix() ([]did.Document, error) {
 		}
 		document, _, err := h.vdrInstance.Resolver().Resolve(id, nil)
 		if err != nil {
-			if !didservice.IsFunctionalResolveError(err) {
+			if !resolver.IsFunctionalResolveError(err) {
 				log.Logger().WithError(err).Infof("Can't resolve DID document, skipping fix (did=%s)", id)
 			}
 			continue
@@ -238,7 +237,7 @@ func (h *GoldenHammer) tryResolveURL(id did.DID) (*url.URL, error) {
 // resolveContainsService returns whether 1. given DID document can be resolved, and 2. it contains the specified service.
 func (h *GoldenHammer) resolveContainsService(id did.DID, serviceType string) bool {
 	document, _, err := h.vdrInstance.Resolver().Resolve(id, nil)
-	if didservice.IsFunctionalResolveError(err) {
+	if resolver.IsFunctionalResolveError(err) {
 		// Unresolvable DID document, nothing to do
 		return false
 	}

network/dag/keys.go

@@ -22,7 +22,6 @@ import (
 	"fmt"
 	"github.com/nuts-foundation/go-did/did"
 	"github.com/nuts-foundation/nuts-node/crypto/hash"
-	"github.com/nuts-foundation/nuts-node/vdr/didservice"
 	resolver2 "github.com/nuts-foundation/nuts-node/vdr/resolver"
 )
 
@@ -53,7 +52,7 @@ func resolvePublicKey(resolver resolver2.DIDResolver, kid string, metadata resol
 	if err != nil {
 		return nil, fmt.Errorf("invalid key ID (id=%s): %w", kid, err)
 	}
-	holder, _ := didservice.GetDIDFromURL(kid) // can't fail, already parsed
+	holder, _ := resolver2.GetDIDFromURL(kid) // can't fail, already parsed
 	doc, _, err := resolver.Resolve(holder, &metadata)
 	if err != nil {
 		return nil, err

network/dag/pal.go

@@ -31,7 +31,6 @@ import (
 	"github.com/nuts-foundation/go-did/did"
 	"github.com/nuts-foundation/nuts-node/crypto"
 	"github.com/nuts-foundation/nuts-node/network/log"
-	"github.com/nuts-foundation/nuts-node/vdr/types"
 )
 
 // palHeaderDIDSeparator holds the character(s) that separate DID entries in the PAL header, before being encrypted.
@@ -59,7 +58,7 @@ func (pal PAL) Encrypt(keyResolver resolver.KeyResolver) (EncryptedPAL, error) {
 	var recipients [][]byte
 	for _, recipient := range pal {
 		recipients = append(recipients, []byte(recipient.String()))
-		_, rawKak, err := keyResolver.ResolveKey(recipient, nil, types.KeyAgreement)
+		_, rawKak, err := keyResolver.ResolveKey(recipient, nil, resolver.KeyAgreement)
 		if err != nil {
 			return nil, fmt.Errorf("unable to resolve keyAgreement key (recipient=%s): %w", recipient, err)
 		}

network/dag/pal_test.go

@@ -48,8 +48,8 @@ func TestEncryptPal(t *testing.T) {
 		// Encrypt
 		ctrl := gomock.NewController(t)
 		keyResolver := types.NewMockKeyResolver(ctrl)
-		keyResolver.EXPECT().ResolveKey(*pA, nil, types.KeyAgreement).Return(ssi.URI{}, pkA.Public(), nil)
-		keyResolver.EXPECT().ResolveKey(*pB, nil, types.KeyAgreement).Return(ssi.URI{}, pkB.Public(), nil)
+		keyResolver.EXPECT().ResolveKey(*pA, nil, resolver.KeyAgreement).Return(ssi.URI{}, pkA.Public(), nil)
+		keyResolver.EXPECT().ResolveKey(*pB, nil, resolver.KeyAgreement).Return(ssi.URI{}, pkB.Public(), nil)
 		expected := PAL{*pA, *pB}
 		pal, err := expected.Encrypt(keyResolver)
 		require.NoError(t, err)
@@ -72,15 +72,15 @@ func TestEncryptPal(t *testing.T) {
 	t.Run("error - keyAgreement key type is not supported", func(t *testing.T) {
 		ctrl := gomock.NewController(t)
 		keyResolver := types.NewMockKeyResolver(ctrl)
-		keyResolver.EXPECT().ResolveKey(*pA, nil, types.KeyAgreement).Return(ssi.URI{}, &rsa.PublicKey{}, nil)
+		keyResolver.EXPECT().ResolveKey(*pA, nil, resolver.KeyAgreement).Return(ssi.URI{}, &rsa.PublicKey{}, nil)
 		pal, err := PAL{*pA}.Encrypt(keyResolver)
 		assert.Nil(t, pal)
 		assert.EqualError(t, err, "resolved keyAgreement key is not an elliptic curve key (recipient=did:nuts:A)")
 	})
 	t.Run("error - no keyAgreements", func(t *testing.T) {
 		ctrl := gomock.NewController(t)
 		keyResolver := types.NewMockKeyResolver(ctrl)
-		keyResolver.EXPECT().ResolveKey(*pA, nil, types.KeyAgreement).Return(ssi.URI{}, nil, resolver.ErrKeyNotFound)
+		keyResolver.EXPECT().ResolveKey(*pA, nil, resolver.KeyAgreement).Return(ssi.URI{}, nil, resolver.ErrKeyNotFound)
 		pal, err := PAL{*pA}.Encrypt(keyResolver)
 		assert.Nil(t, pal)
 		assert.EqualError(t, err, "unable to resolve keyAgreement key (recipient=did:nuts:A): key not found in DID document")

network/network.go

@@ -26,7 +26,7 @@ import (
 	"errors"
 	"fmt"
 	"github.com/nuts-foundation/nuts-node/vdr/didnuts/didstore"
-	"github.com/nuts-foundation/nuts-node/vdr/didservice"
+	"github.com/nuts-foundation/nuts-node/vdr/management"
 	"github.com/nuts-foundation/nuts-node/vdr/resolver"
 	"net"
 	"strings"
@@ -46,7 +46,6 @@ import (
 	"github.com/nuts-foundation/nuts-node/network/transport/v2"
 	"github.com/nuts-foundation/nuts-node/pki"
 	"github.com/nuts-foundation/nuts-node/storage"
-	"github.com/nuts-foundation/nuts-node/vdr/types"
 	"go.etcd.io/bbolt"
 )
 
@@ -86,7 +85,7 @@ type Network struct {
 	peerID            transport.PeerID
 	nodeDID           did.DID
 	didStore          didstore.Store
-	didDocumentFinder types.DocFinder
+	didDocumentFinder management.DocFinder
 	serviceResolver   resolver.ServiceResolver
 	eventPublisher    events.Event
 	storeProvider     storage.Provider
@@ -391,7 +390,7 @@ func (n *Network) connectToKnownNodes(nodeDID did.DID) error {
 	}
 
 	// start connecting to published NutsComm addresses
-	otherNodes, err := n.didDocumentFinder.Find(didservice.IsActive(), didservice.ValidAt(time.Now()), didservice.ByServiceType(transport.NutsCommServiceType))
+	otherNodes, err := n.didDocumentFinder.Find(management.IsActive(), management.ValidAt(time.Now()), management.ByServiceType(transport.NutsCommServiceType))
 	if err != nil {
 		return err
 	}

network/network_test.go

@@ -464,8 +464,8 @@ func TestNetwork_CreateTransaction(t *testing.T) {
 			cxt.state.EXPECT().Head(gomock.Any())
 			cxt.state.EXPECT().Add(gomock.Any(), gomock.Any(), payload)
 
-			cxt.keyResolver.EXPECT().ResolveKey(*sender, nil, vdrTypes.KeyAgreement).Return(ssi.MustParseURI("sender"), senderKey.Public(), nil)
-			cxt.keyResolver.EXPECT().ResolveKey(*receiver, nil, vdrTypes.KeyAgreement).Return(ssi.MustParseURI("receiver"), receiverKey.Public(), nil)
+			cxt.keyResolver.EXPECT().ResolveKey(*sender, nil, resolver.KeyAgreement).Return(ssi.MustParseURI("sender"), senderKey.Public(), nil)
+			cxt.keyResolver.EXPECT().ResolveKey(*receiver, nil, resolver.KeyAgreement).Return(ssi.MustParseURI("receiver"), receiverKey.Public(), nil)
 
 			_, err = cxt.network.CreateTransaction(ctx, TransactionTemplate(payloadType, payload, key).WithPrivate([]did.DID{*sender, *receiver}))
 			assert.NoError(t, err)

vcr/credential/validator.go

@@ -24,7 +24,7 @@ import (
 	"errors"
 	"fmt"
 	"github.com/nuts-foundation/go-did/did"
-	"github.com/nuts-foundation/nuts-node/vdr/didservice"
+	"github.com/nuts-foundation/nuts-node/vdr/resolver"
 	"github.com/piprate/json-gold/ld"
 	"strings"
 
@@ -238,7 +238,7 @@ func validOperation(operation string) bool {
 }
 
 func validateNutsCredentialID(credential vc.VerifiableCredential) error {
-	id, err := didservice.GetDIDFromURL(credential.ID.String())
+	id, err := resolver.GetDIDFromURL(credential.ID.String())
 	if err != nil {
 		return err
 	}

vcr/issuer/issuer.go

@@ -23,7 +23,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"github.com/nuts-foundation/nuts-node/vcr/openid4vci"
-	"github.com/nuts-foundation/nuts-node/vdr/didservice"
 	resolver2 "github.com/nuts-foundation/nuts-node/vdr/resolver"
 	"time"
 
@@ -194,7 +193,7 @@ func (i issuer) buildVC(ctx context.Context, credentialOptions vc.VerifiableCred
 	if err != nil {
 		const errString = "failed to sign credential: could not resolve an assertionKey for issuer: %w"
 		// Differentiate between a DID document not found and some other error:
-		if didservice.IsFunctionalResolveError(err) {
+		if resolver2.IsFunctionalResolveError(err) {
 			return nil, core.InvalidInputError(errString, err)
 		}
 		return nil, fmt.Errorf(errString, err)
@@ -298,7 +297,7 @@ func (i issuer) buildRevocation(ctx context.Context, credentialID ssi.URI) (*cre
 	if err != nil {
 		const errString = "failed to revoke credential (%s): could not resolve an assertionKey for issuer: %w"
 		// Differentiate between a DID document not found and some other error:
-		if didservice.IsFunctionalResolveError(err) {
+		if resolver2.IsFunctionalResolveError(err) {
 			return nil, core.InvalidInputError(errString, credentialID, err)
 		}
 		return nil, fmt.Errorf(errString, credentialID, err)

vcr/issuer/keyresolver.go

@@ -24,7 +24,6 @@ import (
 	"github.com/nuts-foundation/go-did/did"
 	"github.com/nuts-foundation/nuts-node/crypto"
 	"github.com/nuts-foundation/nuts-node/vdr/resolver"
-	vdr "github.com/nuts-foundation/nuts-node/vdr/types"
 )
 
 // vdrKeyResolver resolves private keys based upon the VDR document resolver
@@ -35,7 +34,7 @@ type vdrKeyResolver struct {
 
 // ResolveAssertionKey is a convenience method which tries to find a assertionKey on in the VDR for a given issuerDID.
 func (r vdrKeyResolver) ResolveAssertionKey(ctx context.Context, issuerDID did.DID) (crypto.Key, error) {
-	kid, _, err := r.publicKeyResolver.ResolveKey(issuerDID, nil, vdr.AssertionMethod)
+	kid, _, err := r.publicKeyResolver.ResolveKey(issuerDID, nil, resolver.AssertionMethod)
 	if err != nil {
 		return nil, fmt.Errorf("invalid issuer: %w", err)
 	}