Feature: PII Encapsulation by sephynox · Pull Request #138 · KeetaNetwork/anchor

sephynox · 2025-12-16T20:26:02Z

Overview

Adds encapsulation for transport of PII information. In footprint-kyc-anchor, instead of:

getPII(entityId: string, entityType: LegalEntityType, reason?: string): Promise<EntityPII>;

We can now do:

getPII(entityId: string, entityType: LegalEntityType, reason?: string): Promise<PIIStore>;

`PIIStore` (`src/lib/utils/pii.ts`)

Prevents accidental PII logging/serialization (redacts toString(), toJSON(), util.inspect())
setAttribute(name, value) - type-safe storage for known + external attributes
toSensitiveAttribute(name, subjectKey) - encrypts and returns SensitiveAttribute
run(get) - scoped callback with getter
toCertificateBuilder(builder) - applies all known attributes to certificate
PIIStore.fromCertificate(cert) - extracts attributes from existing certificate
PIIError with codes: PII_ATTRIBUTE_NOT_FOUND, PII_KNOWN_ATTRIBUTE_EXPOSURE_DENIED

`SensitiveAttribute` (`src/lib/sensitive-attribute.ts`)

Extracted from certificates.ts into dedicated module
SensitiveAttributeBuilder.build() now returns SensitiveAttribute<T> directly
set(name, value) - schema-aware encoding for known attributes
set(bytes) - raw bytes for external attributes
publicKey getter - returns encryption target public key
toDER() - returns raw encrypted bytes
isInstance() - static type guard

`CertificateBuilder`

setSensitiveAttribute(name, attr) - accepts pre-built SensitiveAttribute instances

src/lib/utils/pii.ts

This reverts commit 19152b8.

This reverts commit b2055f5.

sonarqubecloud · 2025-12-17T21:08:29Z

Quality Gate passed

Issues
7 New issues
0 Accepted issues

Measures
0 Security Hotspots
90.8% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

rkeene · 2025-12-18T19:41:33Z

src/lib/utils/pii.ts

+import type * as KeetaNetClient from '@keetanetwork/keetanet-client';
+import { CertificateAttributeOIDDB, type CertificateAttributeValueMap, type CertificateAttributeValue } from '../../services/kyc/iso20022.generated.js';
+import type { CertificateBuilder, Certificate } from '../certificates.js';
+import { SensitiveAttribute, SensitiveAttributeBuilder } from '../certificates.js';


Why is this using SensitiveAttribute if it never serializes the data to a buffer ?

I am not sure what you mean? For known attributes it uses the builder. We can just not allow unknown attributes to be handled with toSensitiveAttribute unless you have a different idea.

I mean the SensitiveAttribute mechanism is for encrypting data to be validated (via proof later), it doesn't really make sense to encrypt data and then never use the encrypted data...

sonarqubecloud · 2026-01-20T21:42:53Z

Quality Gate passed

Issues
7 New issues
0 Accepted issues

Measures
0 Security Hotspots
90.6% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

sephynox added 3 commits December 16, 2025 11:29

Add PII store.

4f42780

Cleanup

350a314

Use a run instead of an expose.

5b8d710

sephynox requested review from Srayman and rkeene December 16, 2025 20:26

sephynox self-assigned this Dec 16, 2025

sephynox added the enhancement New feature or request label Dec 16, 2025

sephynox added 2 commits December 16, 2025 13:28

Better encapsulation and separation of concerns.

5374085

Track sensitive.

f8c2cda

Srayman reviewed Dec 16, 2025

View reviewed changes

src/lib/utils/pii.ts Outdated Show resolved Hide resolved

Do not require Account in constructor.

609ecd9

sephynox requested a review from Srayman December 16, 2025 22:17

sephynox added 5 commits December 16, 2025 14:47

Support generic data.

8d293f7

Cleanup

ee48c3d

Add test case.

b076c49

Support exposing unknown attributes.

463a533

Use scoping instead.

b634a62

Srayman approved these changes Dec 17, 2025

View reviewed changes

sephynox added 7 commits December 17, 2025 11:37

Use actual methods.

401a31e

Better typing.

b2055f5

Lint

19152b8

Revert "Lint"

700657b

This reverts commit 19152b8.

Revert "Better typing."

c7846a7

This reverts commit b2055f5.

Cleanup.

4a8229b

Partial type improvements for run.

592c62f

rkeene reviewed Dec 18, 2025

View reviewed changes

sephynox requested a review from rkeene December 18, 2025 20:02

Only known attributes can be made into SensitiveAttribute.

dcd46f6

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Feature: PII Encapsulation#138

Feature: PII Encapsulation#138
sephynox wants to merge 19 commits intomainfrom
feat/pii-store

sephynox commented Dec 16, 2025 •

edited

Loading

Uh oh!

Uh oh!

sonarqubecloud bot commented Dec 17, 2025

Uh oh!

rkeene Dec 18, 2025

Uh oh!

sephynox Dec 18, 2025

Uh oh!

rkeene Jan 26, 2026

Uh oh!

sonarqubecloud bot commented Jan 20, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

sephynox commented Dec 16, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Overview

PIIStore (src/lib/utils/pii.ts)

SensitiveAttribute (src/lib/sensitive-attribute.ts)

CertificateBuilder

Uh oh!

Uh oh!

sonarqubecloud bot commented Dec 17, 2025

Quality Gate passed

Uh oh!

rkeene Dec 18, 2025

Choose a reason for hiding this comment

Uh oh!

sephynox Dec 18, 2025

Choose a reason for hiding this comment

Uh oh!

rkeene Jan 26, 2026

Choose a reason for hiding this comment

Uh oh!

sonarqubecloud bot commented Jan 20, 2026

Quality Gate passed

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

sephynox commented Dec 16, 2025 •

edited

Loading

`PIIStore` (`src/lib/utils/pii.ts`)

`SensitiveAttribute` (`src/lib/sensitive-attribute.ts`)

`CertificateBuilder`